projects / mirror_edk2.git / blame
| Commit | Line | Data |
|---|---|---|
| 24e4ad75 BS |
1 | /** @file\r |
| 2 | \r | |
| 3 | AMD Sev Dxe driver. This driver is dispatched early in DXE, due to being list\r | |
| c16d4e35 LE |
4 | in APRIORI. It clears C-bit from MMIO and NonExistent Memory space when SEV\r |
| 5 | is enabled.\r | |
| 24e4ad75 BS |
6 | \r |
| 7 | Copyright (c) 2017, AMD Inc. All rights reserved.<BR>\r | |
| 8 | \r | |
| c16d4e35 LE |
9 | This program and the accompanying materials are licensed and made available\r |
| 10 | under the terms and conditions of the BSD License which accompanies this\r | |
| 11 | distribution. The full text of the license may be found at\r | |
| 12 | http://opensource.org/licenses/bsd-license.php\r | |
| 24e4ad75 | 13 | \r |
| c16d4e35 LE |
14 | THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, WITHOUT\r |
| 15 | WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r | |
| 24e4ad75 BS |
16 | \r |
| 17 | **/\r | |
| 18 | \r | |
| 5e2e5647 LE |
19 | #include <Library/BaseLib.h>\r |
| 20 | #include <Library/BaseMemoryLib.h>\r | |
| c6073a0e | 21 | #include <Library/DebugLib.h>\r |
| 24e4ad75 BS |
22 | #include <Library/DxeServicesTableLib.h>\r |
| 23 | #include <Library/MemEncryptSevLib.h>\r | |
| c6073a0e | 24 | #include <Library/MemoryAllocationLib.h>\r |
| 5e2e5647 | 25 | #include <Library/PcdLib.h>\r |
| 24e4ad75 BS |
26 | \r |
| 27 | EFI_STATUS\r | |
| 28 | EFIAPI\r | |
| 29 | AmdSevDxeEntryPoint (\r | |
| 30 | IN EFI_HANDLE ImageHandle,\r | |
| 31 | IN EFI_SYSTEM_TABLE *SystemTable\r | |
| 32 | )\r | |
| 33 | {\r | |
| 34 | EFI_STATUS Status;\r | |
| 35 | EFI_GCD_MEMORY_SPACE_DESCRIPTOR *AllDescMap;\r | |
| 36 | UINTN NumEntries;\r | |
| 37 | UINTN Index;\r | |
| 38 | \r | |
| 39 | //\r | |
| 40 | // Do nothing when SEV is not enabled\r | |
| 41 | //\r | |
| 42 | if (!MemEncryptSevIsEnabled ()) {\r | |
| 43 | return EFI_UNSUPPORTED;\r | |
| 44 | }\r | |
| 45 | \r | |
| 46 | //\r | |
| 47 | // Iterate through the GCD map and clear the C-bit from MMIO and NonExistent\r | |
| c16d4e35 LE |
48 | // memory space. The NonExistent memory space will be used for mapping the\r |
| 49 | // MMIO space added later (eg PciRootBridge). By clearing both known MMIO and\r | |
| 24e4ad75 BS |
50 | // NonExistent memory space can gurantee that current and furture MMIO adds\r |
| 51 | // will have C-bit cleared.\r | |
| 52 | //\r | |
| 53 | Status = gDS->GetMemorySpaceMap (&NumEntries, &AllDescMap);\r | |
| 54 | if (!EFI_ERROR (Status)) {\r | |
| 55 | for (Index = 0; Index < NumEntries; Index++) {\r | |
| 56 | CONST EFI_GCD_MEMORY_SPACE_DESCRIPTOR *Desc;\r | |
| 57 | \r | |
| 58 | Desc = &AllDescMap[Index];\r | |
| 59 | if (Desc->GcdMemoryType == EfiGcdMemoryTypeMemoryMappedIo ||\r | |
| 60 | Desc->GcdMemoryType == EfiGcdMemoryTypeNonExistent) {\r | |
| c16d4e35 LE |
61 | Status = MemEncryptSevClearPageEncMask (\r |
| 62 | 0,\r | |
| 63 | Desc->BaseAddress,\r | |
| 64 | EFI_SIZE_TO_PAGES (Desc->Length),\r | |
| 65 | FALSE\r | |
| 66 | );\r | |
| 24e4ad75 BS |
67 | ASSERT_EFI_ERROR (Status);\r |
| 68 | }\r | |
| 69 | }\r | |
| 70 | \r | |
| 71 | FreePool (AllDescMap);\r | |
| 72 | }\r | |
| 73 | \r | |
| 5e2e5647 LE |
74 | //\r |
| 75 | // When SMM is enabled, clear the C-bit from SMM Saved State Area\r | |
| 76 | //\r | |
| 77 | // NOTES: The SavedStateArea address cleared here is before SMBASE\r | |
| 78 | // relocation. Currently, we do not clear the SavedStateArea address after\r | |
| 79 | // SMBASE is relocated due to the following reasons:\r | |
| 80 | //\r | |
| 81 | // 1) Guest BIOS never access the relocated SavedStateArea.\r | |
| 82 | //\r | |
| 83 | // 2) The C-bit works on page-aligned address, but the SavedStateArea\r | |
| 84 | // address is not a page-aligned. Theoretically, we could roundup the address\r | |
| 85 | // and clear the C-bit of aligned address but looking carefully we found\r | |
| 86 | // that some portion of the page contains code -- which will causes a bigger\r | |
| 87 | // issues for SEV guest. When SEV is enabled, all the code must be encrypted\r | |
| 88 | // otherwise hardware will cause trap.\r | |
| 89 | //\r | |
| 90 | // We restore the C-bit for this SMM Saved State Area after SMBASE relocation\r | |
| 91 | // is completed (See OvmfPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLib.c).\r | |
| 92 | //\r | |
| 93 | if (FeaturePcdGet (PcdSmmSmramRequire)) {\r | |
| 94 | UINTN MapPagesBase;\r | |
| 95 | UINTN MapPagesCount;\r | |
| 96 | \r | |
| 97 | Status = MemEncryptSevLocateInitialSmramSaveStateMapPages (\r | |
| 98 | &MapPagesBase,\r | |
| 99 | &MapPagesCount\r | |
| 100 | );\r | |
| 101 | ASSERT_EFI_ERROR (Status);\r | |
| 102 | \r | |
| 103 | //\r | |
| 104 | // Although these pages were set aside (i.e., allocated) by PlatformPei, we\r | |
| 105 | // could be after a warm reboot from the OS. Don't leak any stale OS data\r | |
| 106 | // to the hypervisor.\r | |
| 107 | //\r | |
| 108 | ZeroMem ((VOID *)MapPagesBase, EFI_PAGES_TO_SIZE (MapPagesCount));\r | |
| 109 | \r | |
| 110 | Status = MemEncryptSevClearPageEncMask (\r | |
| 111 | 0, // Cr3BaseAddress -- use current CR3\r | |
| 112 | MapPagesBase, // BaseAddress\r | |
| 113 | MapPagesCount, // NumPages\r | |
| 114 | TRUE // Flush\r | |
| 115 | );\r | |
| 116 | if (EFI_ERROR (Status)) {\r | |
| 117 | DEBUG ((DEBUG_ERROR, "%a: MemEncryptSevClearPageEncMask(): %r\n",\r | |
| 118 | __FUNCTION__, Status));\r | |
| 119 | ASSERT (FALSE);\r | |
| 120 | CpuDeadLoop ();\r | |
| 121 | }\r | |
| 122 | }\r | |
| 123 | \r | |
| 24e4ad75 BS |
124 | return EFI_SUCCESS;\r |
| 125 | }\r |