3 Virtual Memory Management Services to set or clear the memory encryption bit
5 Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.<BR>
6 Copyright (c) 2017 - 2020, AMD Incorporated. All rights reserved.<BR>
8 SPDX-License-Identifier: BSD-2-Clause-Patent
10 Code is derived from MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c
14 #include <Library/CpuLib.h>
15 #include <Library/MemEncryptSevLib.h>
16 #include <Register/Amd/Cpuid.h>
17 #include <Register/Cpuid.h>
19 #include "VirtualMemory.h"
20 #include "SnpPageStateChange.h"
22 STATIC BOOLEAN mAddressEncMaskChecked
= FALSE
;
23 STATIC UINT64 mAddressEncMask
;
24 STATIC PAGE_TABLE_POOL
*mPageTablePool
= NULL
;
32 Return the pagetable memory encryption mask.
34 @return The pagetable memory encryption mask.
39 InternalGetMemEncryptionAddressMask (
43 UINT64 EncryptionMask
;
45 if (mAddressEncMaskChecked
) {
46 return mAddressEncMask
;
49 EncryptionMask
= MemEncryptSevGetEncryptionMask ();
51 mAddressEncMask
= EncryptionMask
& PAGING_1G_ADDRESS_MASK_64
;
52 mAddressEncMaskChecked
= TRUE
;
54 return mAddressEncMask
;
58 Initialize a buffer pool for page table use only.
60 To reduce the potential split operation on page table, the pages reserved for
61 page table should be allocated in the times of PAGE_TABLE_POOL_UNIT_PAGES and
62 at the boundary of PAGE_TABLE_POOL_ALIGNMENT. So the page pool is always
63 initialized with number of pages greater than or equal to the given
66 Once the pages in the pool are used up, this method should be called again to
67 reserve at least another PAGE_TABLE_POOL_UNIT_PAGES. Usually this won't
68 happen often in practice.
70 @param[in] PoolPages The least page number of the pool to be created.
72 @retval TRUE The pool is initialized successfully.
73 @retval FALSE The memory is out of resource.
77 InitializePageTablePool (
84 // Always reserve at least PAGE_TABLE_POOL_UNIT_PAGES, including one page for
87 PoolPages
+= 1; // Add one page for header.
88 PoolPages
= ((PoolPages
- 1) / PAGE_TABLE_POOL_UNIT_PAGES
+ 1) *
89 PAGE_TABLE_POOL_UNIT_PAGES
;
90 Buffer
= AllocateAlignedPages (PoolPages
, PAGE_TABLE_POOL_ALIGNMENT
);
92 DEBUG ((DEBUG_ERROR
, "ERROR: Out of aligned pages\r\n"));
97 // Link all pools into a list for easier track later.
99 if (mPageTablePool
== NULL
) {
100 mPageTablePool
= Buffer
;
101 mPageTablePool
->NextPool
= mPageTablePool
;
103 ((PAGE_TABLE_POOL
*)Buffer
)->NextPool
= mPageTablePool
->NextPool
;
104 mPageTablePool
->NextPool
= Buffer
;
105 mPageTablePool
= Buffer
;
109 // Reserve one page for pool header.
111 mPageTablePool
->FreePages
= PoolPages
- 1;
112 mPageTablePool
->Offset
= EFI_PAGES_TO_SIZE (1);
118 This API provides a way to allocate memory for page table.
120 This API can be called more than once to allocate memory for page tables.
122 Allocates the number of 4KB pages and returns a pointer to the allocated
123 buffer. The buffer returned is aligned on a 4KB boundary.
125 If Pages is 0, then NULL is returned.
126 If there is not enough memory remaining to satisfy the request, then NULL is
129 @param Pages The number of 4 KB pages to allocate.
131 @return A pointer to the allocated buffer or NULL if allocation fails.
137 AllocatePageTableMemory (
148 // Renew the pool if necessary.
150 if ((mPageTablePool
== NULL
) ||
151 (Pages
> mPageTablePool
->FreePages
))
153 if (!InitializePageTablePool (Pages
)) {
158 Buffer
= (UINT8
*)mPageTablePool
+ mPageTablePool
->Offset
;
160 mPageTablePool
->Offset
+= EFI_PAGES_TO_SIZE (Pages
);
161 mPageTablePool
->FreePages
-= Pages
;
165 "%a:%a: Buffer=0x%Lx Pages=%ld\n",
178 @param[in] PhysicalAddress Start physical address the 2M page
180 @param[in, out] PageEntry2M Pointer to 2M page entry.
181 @param[in] StackBase Stack base address.
182 @param[in] StackSize Stack size.
188 IN PHYSICAL_ADDRESS PhysicalAddress
,
189 IN OUT UINT64
*PageEntry2M
,
190 IN PHYSICAL_ADDRESS StackBase
,
194 PHYSICAL_ADDRESS PhysicalAddress4K
;
195 UINTN IndexOfPageTableEntries
;
196 PAGE_TABLE_4K_ENTRY
*PageTableEntry
;
197 PAGE_TABLE_4K_ENTRY
*PageTableEntry1
;
198 UINT64 AddressEncMask
;
200 PageTableEntry
= AllocatePageTableMemory (1);
202 PageTableEntry1
= PageTableEntry
;
204 AddressEncMask
= InternalGetMemEncryptionAddressMask ();
206 ASSERT (PageTableEntry
!= NULL
);
207 ASSERT (*PageEntry2M
& AddressEncMask
);
209 PhysicalAddress4K
= PhysicalAddress
;
210 for (IndexOfPageTableEntries
= 0;
211 IndexOfPageTableEntries
< 512;
212 (IndexOfPageTableEntries
++,
214 PhysicalAddress4K
+= SIZE_4KB
))
217 // Fill in the Page Table entries
219 PageTableEntry
->Uint64
= (UINT64
)PhysicalAddress4K
| AddressEncMask
;
220 PageTableEntry
->Bits
.ReadWrite
= 1;
221 PageTableEntry
->Bits
.Present
= 1;
222 if ((PhysicalAddress4K
>= StackBase
) &&
223 (PhysicalAddress4K
< StackBase
+ StackSize
))
226 // Set Nx bit for stack.
228 PageTableEntry
->Bits
.Nx
= 1;
233 // Fill in 2M page entry.
235 *PageEntry2M
= ((UINT64
)(UINTN
)PageTableEntry1
|
236 IA32_PG_P
| IA32_PG_RW
| AddressEncMask
);
240 Set one page of page table pool memory to be read-only.
242 @param[in] PageTableBase Base address of page table (CR3).
243 @param[in] Address Start address of a page to be set as read-only.
244 @param[in] Level4Paging Level 4 paging flag.
249 SetPageTablePoolReadOnly (
250 IN UINTN PageTableBase
,
251 IN EFI_PHYSICAL_ADDRESS Address
,
252 IN BOOLEAN Level4Paging
257 UINT64 AddressEncMask
;
258 EFI_PHYSICAL_ADDRESS PhysicalAddress
;
260 UINT64
*NewPageTable
;
268 ASSERT (PageTableBase
!= 0);
271 // Since the page table is always from page table pool, which is always
272 // located at the boundary of PcdPageTablePoolAlignment, we just need to
273 // set the whole pool unit to be read-only.
275 Address
= Address
& PAGE_TABLE_POOL_ALIGN_MASK
;
277 LevelShift
[1] = PAGING_L1_ADDRESS_SHIFT
;
278 LevelShift
[2] = PAGING_L2_ADDRESS_SHIFT
;
279 LevelShift
[3] = PAGING_L3_ADDRESS_SHIFT
;
280 LevelShift
[4] = PAGING_L4_ADDRESS_SHIFT
;
282 LevelMask
[1] = PAGING_4K_ADDRESS_MASK_64
;
283 LevelMask
[2] = PAGING_2M_ADDRESS_MASK_64
;
284 LevelMask
[3] = PAGING_1G_ADDRESS_MASK_64
;
285 LevelMask
[4] = PAGING_1G_ADDRESS_MASK_64
;
287 LevelSize
[1] = SIZE_4KB
;
288 LevelSize
[2] = SIZE_2MB
;
289 LevelSize
[3] = SIZE_1GB
;
290 LevelSize
[4] = SIZE_512GB
;
292 AddressEncMask
= InternalGetMemEncryptionAddressMask ();
293 PageTable
= (UINT64
*)(UINTN
)PageTableBase
;
294 PoolUnitSize
= PAGE_TABLE_POOL_UNIT_SIZE
;
296 for (Level
= (Level4Paging
) ? 4 : 3; Level
> 0; --Level
) {
297 Index
= ((UINTN
)RShiftU64 (Address
, LevelShift
[Level
]));
298 Index
&= PAGING_PAE_INDEX_MASK
;
300 PageAttr
= PageTable
[Index
];
301 if ((PageAttr
& IA32_PG_PS
) == 0) {
303 // Go to next level of table.
305 PageTable
= (UINT64
*)(UINTN
)(PageAttr
& ~AddressEncMask
&
306 PAGING_4K_ADDRESS_MASK_64
);
310 if (PoolUnitSize
>= LevelSize
[Level
]) {
312 // Clear R/W bit if current page granularity is not larger than pool unit
315 if ((PageAttr
& IA32_PG_RW
) != 0) {
316 while (PoolUnitSize
> 0) {
318 // PAGE_TABLE_POOL_UNIT_SIZE and PAGE_TABLE_POOL_ALIGNMENT are fit in
319 // one page (2MB). Then we don't need to update attributes for pages
320 // crossing page directory. ASSERT below is for that purpose.
322 ASSERT (Index
< EFI_PAGE_SIZE
/sizeof (UINT64
));
324 PageTable
[Index
] &= ~(UINT64
)IA32_PG_RW
;
325 PoolUnitSize
-= LevelSize
[Level
];
334 // The smaller granularity of page must be needed.
338 NewPageTable
= AllocatePageTableMemory (1);
339 ASSERT (NewPageTable
!= NULL
);
341 PhysicalAddress
= PageAttr
& LevelMask
[Level
];
343 EntryIndex
< EFI_PAGE_SIZE
/sizeof (UINT64
);
346 NewPageTable
[EntryIndex
] = PhysicalAddress
| AddressEncMask
|
347 IA32_PG_P
| IA32_PG_RW
;
349 NewPageTable
[EntryIndex
] |= IA32_PG_PS
;
352 PhysicalAddress
+= LevelSize
[Level
- 1];
355 PageTable
[Index
] = (UINT64
)(UINTN
)NewPageTable
| AddressEncMask
|
356 IA32_PG_P
| IA32_PG_RW
;
357 PageTable
= NewPageTable
;
363 Prevent the memory pages used for page table from been overwritten.
365 @param[in] PageTableBase Base address of page table (CR3).
366 @param[in] Level4Paging Level 4 paging flag.
371 EnablePageTableProtection (
372 IN UINTN PageTableBase
,
373 IN BOOLEAN Level4Paging
376 PAGE_TABLE_POOL
*HeadPool
;
377 PAGE_TABLE_POOL
*Pool
;
379 EFI_PHYSICAL_ADDRESS Address
;
381 if (mPageTablePool
== NULL
) {
386 // SetPageTablePoolReadOnly might update mPageTablePool. It's safer to
387 // remember original one in advance.
389 HeadPool
= mPageTablePool
;
392 Address
= (EFI_PHYSICAL_ADDRESS
)(UINTN
)Pool
;
393 PoolSize
= Pool
->Offset
+ EFI_PAGES_TO_SIZE (Pool
->FreePages
);
396 // The size of one pool must be multiple of PAGE_TABLE_POOL_UNIT_SIZE,
397 // which is one of page size of the processor (2MB by default). Let's apply
398 // the protection to them one by one.
400 while (PoolSize
> 0) {
401 SetPageTablePoolReadOnly (PageTableBase
, Address
, Level4Paging
);
402 Address
+= PAGE_TABLE_POOL_UNIT_SIZE
;
403 PoolSize
-= PAGE_TABLE_POOL_UNIT_SIZE
;
406 Pool
= Pool
->NextPool
;
407 } while (Pool
!= HeadPool
);
413 @param[in] PhysicalAddress Start physical address the 1G page
415 @param[in, out] PageEntry1G Pointer to 1G page entry.
416 @param[in] StackBase Stack base address.
417 @param[in] StackSize Stack size.
423 IN PHYSICAL_ADDRESS PhysicalAddress
,
424 IN OUT UINT64
*PageEntry1G
,
425 IN PHYSICAL_ADDRESS StackBase
,
429 PHYSICAL_ADDRESS PhysicalAddress2M
;
430 UINTN IndexOfPageDirectoryEntries
;
431 PAGE_TABLE_ENTRY
*PageDirectoryEntry
;
432 UINT64 AddressEncMask
;
434 PageDirectoryEntry
= AllocatePageTableMemory (1);
436 AddressEncMask
= InternalGetMemEncryptionAddressMask ();
437 ASSERT (PageDirectoryEntry
!= NULL
);
438 ASSERT (*PageEntry1G
& AddressEncMask
);
440 // Fill in 1G page entry.
442 *PageEntry1G
= ((UINT64
)(UINTN
)PageDirectoryEntry
|
443 IA32_PG_P
| IA32_PG_RW
| AddressEncMask
);
445 PhysicalAddress2M
= PhysicalAddress
;
446 for (IndexOfPageDirectoryEntries
= 0;
447 IndexOfPageDirectoryEntries
< 512;
448 (IndexOfPageDirectoryEntries
++,
449 PageDirectoryEntry
++,
450 PhysicalAddress2M
+= SIZE_2MB
))
452 if ((PhysicalAddress2M
< StackBase
+ StackSize
) &&
453 ((PhysicalAddress2M
+ SIZE_2MB
) > StackBase
))
456 // Need to split this 2M page that covers stack range.
460 (UINT64
*)PageDirectoryEntry
,
466 // Fill in the Page Directory entries
468 PageDirectoryEntry
->Uint64
= (UINT64
)PhysicalAddress2M
| AddressEncMask
;
469 PageDirectoryEntry
->Bits
.ReadWrite
= 1;
470 PageDirectoryEntry
->Bits
.Present
= 1;
471 PageDirectoryEntry
->Bits
.MustBe1
= 1;
477 Set or Clear the memory encryption bit
479 @param[in, out] PageTablePointer Page table entry pointer (PTE).
480 @param[in] Mode Set or Clear encryption bit
485 IN OUT UINT64
*PageTablePointer
,
486 IN MAP_RANGE_MODE Mode
489 UINT64 AddressEncMask
;
491 AddressEncMask
= InternalGetMemEncryptionAddressMask ();
493 if (Mode
== SetCBit
) {
494 *PageTablePointer
|= AddressEncMask
;
496 *PageTablePointer
&= ~AddressEncMask
;
501 Check the WP status in CR0 register. This bit is used to lock or unlock write
502 access to pages marked as read-only.
504 @retval TRUE Write protection is enabled.
505 @retval FALSE Write protection is disabled.
509 IsReadOnlyPageWriteProtected (
513 return ((AsmReadCr0 () & BIT16
) != 0);
517 Disable Write Protect on pages marked as read-only.
521 DisableReadOnlyPageWriteProtect (
525 AsmWriteCr0 (AsmReadCr0 () & ~BIT16
);
529 Enable Write Protect on pages marked as read-only.
533 EnableReadOnlyPageWriteProtect (
537 AsmWriteCr0 (AsmReadCr0 () | BIT16
);
542 InternalMemEncryptSevCreateIdentityMap1G (
543 IN PHYSICAL_ADDRESS Cr3BaseAddress
,
544 IN PHYSICAL_ADDRESS PhysicalAddress
,
548 PAGE_MAP_AND_DIRECTORY_POINTER
*PageMapLevel4Entry
;
549 PAGE_TABLE_1G_ENTRY
*PageDirectory1GEntry
;
551 UINT64 AddressEncMask
;
553 RETURN_STATUS Status
;
556 // Set PageMapLevel4Entry to suppress incorrect compiler/analyzer warnings.
558 PageMapLevel4Entry
= NULL
;
562 "%a:%a: Cr3Base=0x%Lx Physical=0x%Lx Length=0x%Lx\n",
571 return RETURN_INVALID_PARAMETER
;
575 // Check if we have a valid memory encryption mask
577 AddressEncMask
= InternalGetMemEncryptionAddressMask ();
578 if (!AddressEncMask
) {
579 return RETURN_ACCESS_DENIED
;
582 PgTableMask
= AddressEncMask
| EFI_PAGE_MASK
;
585 // Make sure that the page table is changeable.
587 IsWpEnabled
= IsReadOnlyPageWriteProtected ();
589 DisableReadOnlyPageWriteProtect ();
592 Status
= EFI_SUCCESS
;
596 // If Cr3BaseAddress is not specified then read the current CR3
598 if (Cr3BaseAddress
== 0) {
599 Cr3BaseAddress
= AsmReadCr3 ();
602 PageMapLevel4Entry
= (VOID
*)(Cr3BaseAddress
& ~PgTableMask
);
603 PageMapLevel4Entry
+= PML4_OFFSET (PhysicalAddress
);
604 if (!PageMapLevel4Entry
->Bits
.Present
) {
607 "%a:%a: bad PML4 for Physical=0x%Lx\n",
612 Status
= RETURN_NO_MAPPING
;
616 PageDirectory1GEntry
= (VOID
*)(
617 (PageMapLevel4Entry
->Bits
.PageTableBaseAddress
<<
620 PageDirectory1GEntry
+= PDP_OFFSET (PhysicalAddress
);
621 if (!PageDirectory1GEntry
->Bits
.Present
) {
622 PageDirectory1GEntry
->Bits
.Present
= 1;
623 PageDirectory1GEntry
->Bits
.MustBe1
= 1;
624 PageDirectory1GEntry
->Bits
.MustBeZero
= 0;
625 PageDirectory1GEntry
->Bits
.ReadWrite
= 1;
626 PageDirectory1GEntry
->Uint64
|= (UINT64
)PhysicalAddress
| AddressEncMask
;
629 if (Length
<= BIT30
) {
635 PhysicalAddress
+= BIT30
;
645 // Restore page table write protection, if any.
648 EnableReadOnlyPageWriteProtect ();
655 This function either sets or clears memory encryption bit for the memory
656 region specified by PhysicalAddress and Length from the current page table
659 The function iterates through the PhysicalAddress one page at a time, and set
660 or clears the memory encryption mask in the page table. If it encounters
661 that a given physical address range is part of large page then it attempts to
662 change the attribute at one go (based on size), otherwise it splits the
663 large pages into smaller (e.g 2M page into 4K pages) and then try to set or
664 clear the encryption bit on the smallest page size.
666 @param[in] Cr3BaseAddress Cr3 Base Address (if zero then use
668 @param[in] PhysicalAddress The physical address that is the start
669 address of a memory region.
670 @param[in] Length The length of memory region
671 @param[in] Mode Set or Clear mode
672 @param[in] CacheFlush Flush the caches before applying the
674 @param[in] Mmio The physical address specified is Mmio
676 @retval RETURN_SUCCESS The attributes were cleared for the
678 @retval RETURN_INVALID_PARAMETER Number of pages is zero.
679 @retval RETURN_UNSUPPORTED Setting the memory encyrption attribute
686 IN PHYSICAL_ADDRESS Cr3BaseAddress
,
687 IN PHYSICAL_ADDRESS PhysicalAddress
,
689 IN MAP_RANGE_MODE Mode
,
690 IN BOOLEAN CacheFlush
,
694 PAGE_MAP_AND_DIRECTORY_POINTER
*PageMapLevel4Entry
;
695 PAGE_MAP_AND_DIRECTORY_POINTER
*PageUpperDirectoryPointerEntry
;
696 PAGE_MAP_AND_DIRECTORY_POINTER
*PageDirectoryPointerEntry
;
697 PAGE_TABLE_1G_ENTRY
*PageDirectory1GEntry
;
698 PAGE_TABLE_ENTRY
*PageDirectory2MEntry
;
699 PHYSICAL_ADDRESS OrigPhysicalAddress
;
700 PAGE_TABLE_4K_ENTRY
*PageTableEntry
;
702 UINT64 AddressEncMask
;
705 RETURN_STATUS Status
;
708 // Set PageMapLevel4Entry to suppress incorrect compiler/analyzer warnings.
710 PageMapLevel4Entry
= NULL
;
714 "%a:%a: Cr3Base=0x%Lx Physical=0x%Lx Length=0x%Lx Mode=%a CacheFlush=%u Mmio=%u\n",
720 (Mode
== SetCBit
) ? "Encrypt" : "Decrypt",
726 // Check if we have a valid memory encryption mask
728 AddressEncMask
= InternalGetMemEncryptionAddressMask ();
729 if (!AddressEncMask
) {
730 return RETURN_ACCESS_DENIED
;
733 PgTableMask
= AddressEncMask
| EFI_PAGE_MASK
;
736 return RETURN_INVALID_PARAMETER
;
740 // We are going to change the memory encryption attribute from C=0 -> C=1 or
741 // vice versa Flush the caches to ensure that data is written into memory
742 // with correct C-bit
745 WriteBackInvalidateDataCacheRange ((VOID
*)(UINTN
)PhysicalAddress
, Length
);
749 // Make sure that the page table is changeable.
751 IsWpEnabled
= IsReadOnlyPageWriteProtected ();
753 DisableReadOnlyPageWriteProtect ();
756 Status
= EFI_SUCCESS
;
759 // To maintain the security gurantees we must set the page to shared in the RMP
760 // table before clearing the memory encryption mask from the current page table.
762 // The InternalSetPageState() is used for setting the page state in the RMP table.
764 if (!Mmio
&& (Mode
== ClearCBit
) && MemEncryptSevSnpIsEnabled ()) {
765 InternalSetPageState (PhysicalAddress
, EFI_SIZE_TO_PAGES (Length
), SevSnpPageShared
, FALSE
);
769 // Save the specified length and physical address (we need it later).
772 OrigPhysicalAddress
= PhysicalAddress
;
774 while (Length
!= 0) {
776 // If Cr3BaseAddress is not specified then read the current CR3
778 if (Cr3BaseAddress
== 0) {
779 Cr3BaseAddress
= AsmReadCr3 ();
782 PageMapLevel4Entry
= (VOID
*)(Cr3BaseAddress
& ~PgTableMask
);
783 PageMapLevel4Entry
+= PML4_OFFSET (PhysicalAddress
);
784 if (!PageMapLevel4Entry
->Bits
.Present
) {
787 "%a:%a: bad PML4 for Physical=0x%Lx\n",
792 Status
= RETURN_NO_MAPPING
;
796 PageDirectory1GEntry
= (VOID
*)(
797 (PageMapLevel4Entry
->Bits
.PageTableBaseAddress
<<
800 PageDirectory1GEntry
+= PDP_OFFSET (PhysicalAddress
);
801 if (!PageDirectory1GEntry
->Bits
.Present
) {
804 "%a:%a: bad PDPE for Physical=0x%Lx\n",
809 Status
= RETURN_NO_MAPPING
;
814 // If the MustBe1 bit is not 1, it's not actually a 1GB entry
816 if (PageDirectory1GEntry
->Bits
.MustBe1
) {
819 // If we have at least 1GB to go, we can just update this entry
821 if (((PhysicalAddress
& (BIT30
- 1)) == 0) && (Length
>= BIT30
)) {
822 SetOrClearCBit (&PageDirectory1GEntry
->Uint64
, Mode
);
825 "%a:%a: updated 1GB entry for Physical=0x%Lx\n",
830 PhysicalAddress
+= BIT30
;
834 // We must split the page
838 "%a:%a: splitting 1GB page for Physical=0x%Lx\n",
844 (UINT64
)PageDirectory1GEntry
->Bits
.PageTableBaseAddress
<< 30,
845 (UINT64
*)PageDirectory1GEntry
,
855 PageUpperDirectoryPointerEntry
=
856 (PAGE_MAP_AND_DIRECTORY_POINTER
*)PageDirectory1GEntry
;
857 PageDirectory2MEntry
=
859 (PageUpperDirectoryPointerEntry
->Bits
.PageTableBaseAddress
<<
862 PageDirectory2MEntry
+= PDE_OFFSET (PhysicalAddress
);
863 if (!PageDirectory2MEntry
->Bits
.Present
) {
866 "%a:%a: bad PDE for Physical=0x%Lx\n",
871 Status
= RETURN_NO_MAPPING
;
876 // If the MustBe1 bit is not a 1, it's not a 2MB entry
878 if (PageDirectory2MEntry
->Bits
.MustBe1
) {
881 // If we have at least 2MB left to go, we can just update this entry
883 if (((PhysicalAddress
& (BIT21
-1)) == 0) && (Length
>= BIT21
)) {
884 SetOrClearCBit (&PageDirectory2MEntry
->Uint64
, Mode
);
885 PhysicalAddress
+= BIT21
;
889 // We must split up this page into 4K pages
893 "%a:%a: splitting 2MB page for Physical=0x%Lx\n",
899 (UINT64
)PageDirectory2MEntry
->Bits
.PageTableBaseAddress
<< 21,
900 (UINT64
*)PageDirectory2MEntry
,
907 PageDirectoryPointerEntry
=
908 (PAGE_MAP_AND_DIRECTORY_POINTER
*)PageDirectory2MEntry
;
911 (PageDirectoryPointerEntry
->Bits
.PageTableBaseAddress
<<
914 PageTableEntry
+= PTE_OFFSET (PhysicalAddress
);
915 if (!PageTableEntry
->Bits
.Present
) {
918 "%a:%a: bad PTE for Physical=0x%Lx\n",
923 Status
= RETURN_NO_MAPPING
;
927 SetOrClearCBit (&PageTableEntry
->Uint64
, Mode
);
928 PhysicalAddress
+= EFI_PAGE_SIZE
;
929 Length
-= EFI_PAGE_SIZE
;
935 // Protect the page table by marking the memory used for page table to be
939 EnablePageTableProtection ((UINTN
)PageMapLevel4Entry
, TRUE
);
948 // SEV-SNP requires that all the private pages (i.e pages mapped encrypted) must be
949 // added in the RMP table before the access.
951 // The InternalSetPageState() is used for setting the page state in the RMP table.
953 if ((Mode
== SetCBit
) && MemEncryptSevSnpIsEnabled ()) {
954 InternalSetPageState (
956 EFI_SIZE_TO_PAGES (OrigLength
),
964 // Restore page table write protection, if any.
967 EnableReadOnlyPageWriteProtect ();
974 This function clears memory encryption bit for the memory region specified by
975 PhysicalAddress and Length from the current page table context.
977 @param[in] Cr3BaseAddress Cr3 Base Address (if zero then use
979 @param[in] PhysicalAddress The physical address that is the start
980 address of a memory region.
981 @param[in] Length The length of memory region
983 @retval RETURN_SUCCESS The attributes were cleared for the
985 @retval RETURN_INVALID_PARAMETER Number of pages is zero.
986 @retval RETURN_UNSUPPORTED Clearing the memory encyrption attribute
991 InternalMemEncryptSevSetMemoryDecrypted (
992 IN PHYSICAL_ADDRESS Cr3BaseAddress
,
993 IN PHYSICAL_ADDRESS PhysicalAddress
,
997 return SetMemoryEncDec (
1008 This function sets memory encryption bit for the memory region specified by
1009 PhysicalAddress and Length from the current page table context.
1011 @param[in] Cr3BaseAddress Cr3 Base Address (if zero then use
1013 @param[in] PhysicalAddress The physical address that is the start
1014 address of a memory region.
1015 @param[in] Length The length of memory region
1017 @retval RETURN_SUCCESS The attributes were set for the memory
1019 @retval RETURN_INVALID_PARAMETER Number of pages is zero.
1020 @retval RETURN_UNSUPPORTED Setting the memory encyrption attribute
1025 InternalMemEncryptSevSetMemoryEncrypted (
1026 IN PHYSICAL_ADDRESS Cr3BaseAddress
,
1027 IN PHYSICAL_ADDRESS PhysicalAddress
,
1031 return SetMemoryEncDec (
1042 This function clears memory encryption bit for the MMIO region specified by
1043 PhysicalAddress and Length.
1045 @param[in] Cr3BaseAddress Cr3 Base Address (if zero then use
1047 @param[in] PhysicalAddress The physical address that is the start
1048 address of a MMIO region.
1049 @param[in] Length The length of memory region
1051 @retval RETURN_SUCCESS The attributes were cleared for the
1053 @retval RETURN_INVALID_PARAMETER Length is zero.
1054 @retval RETURN_UNSUPPORTED Clearing the memory encyrption attribute
1059 InternalMemEncryptSevClearMmioPageEncMask (
1060 IN PHYSICAL_ADDRESS Cr3BaseAddress
,
1061 IN PHYSICAL_ADDRESS PhysicalAddress
,
1065 return SetMemoryEncDec (