]> git.proxmox.com Git - mirror_edk2.git/blame - OvmfPkg/IoMmuDxe/AmdSevIoMmu.c
projects / mirror_edk2.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
OvmfPkg/PlatformDxe: list "Platform.h" in the INF file
[mirror_edk2.git] / OvmfPkg / IoMmuDxe / AmdSevIoMmu.c
CommitLineData
f9d129e6
BS		 1/** @file\r
2\r
812568fb
LE		 3 The protocol provides support to allocate, free, map and umap a DMA buffer\r
4 for bus master (e.g PciHostBridge). When SEV is enabled, the DMA operations\r
5 must be performed on unencrypted buffer hence we use a bounce buffer to map\r
6 the guest buffer into an unencrypted DMA buffer.\r
f9d129e6
BS		 7\r
8 Copyright (c) 2017, AMD Inc. All rights reserved.<BR>\r
9 Copyright (c) 2017, Intel Corporation. All rights reserved.<BR>\r
10\r
11 This program and the accompanying materials are licensed and made available\r
12 under the terms and conditions of the BSD License which accompanies this\r
13 distribution. The full text of the license may be found at\r
14 http://opensource.org/licenses/bsd-license.php\r
15\r
16 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
17 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
18\r
19**/\r
20\r
21#include "AmdSevIoMmu.h"\r
22\r
d0c9afea
LE		 23#define MAP_INFO_SIG SIGNATURE_64 ('M', 'A', 'P', '_', 'I', 'N', 'F', 'O')\r
24\r
f9d129e6 25typedef struct {\r
d0c9afea
LE		 26 UINT64 Signature;\r
27 LIST_ENTRY Link;\r
f9d129e6
BS		 28 EDKII_IOMMU_OPERATION Operation;\r
29 UINTN NumberOfBytes;\r
30 UINTN NumberOfPages;\r
c7ef2ed2 31 EFI_PHYSICAL_ADDRESS CryptedAddress;\r
dc194ce3 32 EFI_PHYSICAL_ADDRESS PlainTextAddress;\r
f9d129e6
BS		 33} MAP_INFO;\r
34\r
d0c9afea 35//\r
9ed745b9
LE		 36// List of the MAP_INFO structures that have been set up by IoMmuMap() and not\r
37// yet torn down by IoMmuUnmap(). The list represents the full set of mappings\r
38// currently in effect.\r
d0c9afea 39//\r
9ed745b9 40STATIC LIST_ENTRY mMapInfos = INITIALIZE_LIST_HEAD_VARIABLE (mMapInfos);\r
d0c9afea 41\r
58e68140
LE		 42#define COMMON_BUFFER_SIG SIGNATURE_64 ('C', 'M', 'N', 'B', 'U', 'F', 'F', 'R')\r
43\r
2ad6ba80
LE		 44//\r
45// ASCII names for EDKII_IOMMU_OPERATION constants, for debug logging.\r
46//\r
47STATIC CONST CHAR8 * CONST\r
48mBusMasterOperationName[EdkiiIoMmuOperationMaximum] = {\r
49 "Read",\r
50 "Write",\r
51 "CommonBuffer",\r
52 "Read64",\r
53 "Write64",\r
54 "CommonBuffer64"\r
55};\r
56\r
58e68140
LE		 57//\r
58// The following structure enables Map() and Unmap() to perform in-place\r
59// decryption and encryption, respectively, for BusMasterCommonBuffer[64]\r
60// operations, without dynamic memory allocation or release.\r
61//\r
62// Both COMMON_BUFFER_HEADER and COMMON_BUFFER_HEADER.StashBuffer are allocated\r
63// by AllocateBuffer() and released by FreeBuffer().\r
64//\r
65#pragma pack (1)\r
66typedef struct {\r
67 UINT64 Signature;\r
68\r
69 //\r
70 // Always allocated from EfiBootServicesData type memory, and always\r
71 // encrypted.\r
72 //\r
73 VOID *StashBuffer;\r
74\r
75 //\r
76 // Followed by the actual common buffer, starting at the next page.\r
77 //\r
78} COMMON_BUFFER_HEADER;\r
79#pragma pack ()\r
f9d129e6
BS		 80\r
81/**\r
812568fb
LE		 82 Provides the controller-specific addresses required to access system memory\r
83 from a DMA bus master. On SEV guest, the DMA operations must be performed on\r
84 shared buffer hence we allocate a bounce buffer to map the HostAddress to a\r
85 DeviceAddress. The Encryption attribute is removed from the DeviceAddress\r
86 buffer.\r
f9d129e6
BS		 87\r
88 @param This The protocol instance pointer.\r
89 @param Operation Indicates if the bus master is going to read or\r
90 write to system memory.\r
812568fb
LE		 91 @param HostAddress The system memory address to map to the PCI\r
92 controller.\r
f9d129e6 93 @param NumberOfBytes On input the number of bytes to map. On output\r
812568fb
LE		 94 the number of bytes that were mapped.\r
95 @param DeviceAddress The resulting map address for the bus master\r
96 PCI controller to use to access the hosts\r
97 HostAddress.\r
f9d129e6
BS		 98 @param Mapping A resulting value to pass to Unmap().\r
99\r
812568fb
LE		 100 @retval EFI_SUCCESS The range was mapped for the returned\r
101 NumberOfBytes.\r
102 @retval EFI_UNSUPPORTED The HostAddress cannot be mapped as a common\r
103 buffer.\r
f9d129e6 104 @retval EFI_INVALID_PARAMETER One or more parameters are invalid.\r
812568fb
LE		 105 @retval EFI_OUT_OF_RESOURCES The request could not be completed due to a\r
106 lack of resources.\r
107 @retval EFI_DEVICE_ERROR The system hardware could not map the requested\r
108 address.\r
f9d129e6
BS		 109\r
110**/\r
111EFI_STATUS\r
112EFIAPI\r
113IoMmuMap (\r
114 IN EDKII_IOMMU_PROTOCOL *This,\r
115 IN EDKII_IOMMU_OPERATION Operation,\r
116 IN VOID *HostAddress,\r
117 IN OUT UINTN *NumberOfBytes,\r
118 OUT EFI_PHYSICAL_ADDRESS *DeviceAddress,\r
119 OUT VOID **Mapping\r
120 )\r
121{\r
122 EFI_STATUS Status;\r
f9d129e6 123 MAP_INFO *MapInfo;\r
f9d129e6 124 EFI_ALLOCATE_TYPE AllocateType;\r
58e68140
LE		 125 COMMON_BUFFER_HEADER *CommonBufferHeader;\r
126 VOID *DecryptionSource;\r
f9d129e6 127\r
2ad6ba80
LE		 128 DEBUG ((\r
129 DEBUG_VERBOSE,\r
130 "%a: Operation=%a Host=0x%p Bytes=0x%Lx\n",\r
131 __FUNCTION__,\r
132 ((Operation >= 0 &&\r
133 Operation < ARRAY_SIZE (mBusMasterOperationName)) ?\r
134 mBusMasterOperationName[Operation] :\r
135 "Invalid"),\r
136 HostAddress,\r
137 (UINT64)((NumberOfBytes == NULL) ? 0 : *NumberOfBytes)\r
138 ));\r
139\r
f9d129e6
BS		 140 if (HostAddress == NULL || NumberOfBytes == NULL || DeviceAddress == NULL ||\r
141 Mapping == NULL) {\r
142 return EFI_INVALID_PARAMETER;\r
143 }\r
144\r
f9d129e6
BS		 145 //\r
146 // Allocate a MAP_INFO structure to remember the mapping when Unmap() is\r
147 // called later.\r
148 //\r
9ed745b9
LE		 149 MapInfo = AllocatePool (sizeof (MAP_INFO));\r
150 if (MapInfo == NULL) {\r
151 Status = EFI_OUT_OF_RESOURCES;\r
152 goto Failed;\r
f9d129e6
BS		 153 }\r
154\r
155 //\r
e130229c 156 // Initialize the MAP_INFO structure, except the PlainTextAddress field\r
f9d129e6 157 //\r
d0c9afea
LE		 158 ZeroMem (&MapInfo->Link, sizeof MapInfo->Link);\r
159 MapInfo->Signature = MAP_INFO_SIG;\r
f9d129e6
BS		 160 MapInfo->Operation = Operation;\r
161 MapInfo->NumberOfBytes = *NumberOfBytes;\r
162 MapInfo->NumberOfPages = EFI_SIZE_TO_PAGES (MapInfo->NumberOfBytes);\r
e130229c 163 MapInfo->CryptedAddress = (UINTN)HostAddress;\r
f9d129e6
BS		 164\r
165 //\r
e130229c 166 // In the switch statement below, we point "MapInfo->PlainTextAddress" to the\r
58e68140 167 // plaintext buffer, according to Operation. We also set "DecryptionSource".\r
e130229c
LE		 168 //\r
169 MapInfo->PlainTextAddress = MAX_ADDRESS;\r
170 AllocateType = AllocateAnyPages;\r
58e68140 171 DecryptionSource = (VOID *)(UINTN)MapInfo->CryptedAddress;\r
e130229c
LE		 172 switch (Operation) {\r
173 //\r
174 // For BusMasterRead[64] and BusMasterWrite[64] operations, a bounce buffer\r
175 // is necessary regardless of whether the original (crypted) buffer crosses\r
176 // the 4GB limit or not -- we have to allocate a separate plaintext buffer.\r
177 // The only variable is whether the plaintext buffer should be under 4GB.\r
f9d129e6 178 //\r
e130229c
LE		 179 case EdkiiIoMmuOperationBusMasterRead:\r
180 case EdkiiIoMmuOperationBusMasterWrite:\r
181 MapInfo->PlainTextAddress = BASE_4GB - 1;\r
182 AllocateType = AllocateMaxAddress;\r
183 //\r
184 // fall through\r
185 //\r
186 case EdkiiIoMmuOperationBusMasterRead64:\r
187 case EdkiiIoMmuOperationBusMasterWrite64:\r
188 //\r
189 // Allocate the implicit plaintext bounce buffer.\r
190 //\r
191 Status = gBS->AllocatePages (\r
192 AllocateType,\r
193 EfiBootServicesData,\r
194 MapInfo->NumberOfPages,\r
195 &MapInfo->PlainTextAddress\r
196 );\r
197 if (EFI_ERROR (Status)) {\r
198 goto FreeMapInfo;\r
199 }\r
200 break;\r
201\r
202 //\r
58e68140
LE		 203 // For BusMasterCommonBuffer[64] operations, a to-be-plaintext buffer and a\r
204 // stash buffer (for in-place decryption) have been allocated already, with\r
205 // AllocateBuffer(). We only check whether the address of the to-be-plaintext\r
206 // buffer is low enough for the requested operation.\r
e130229c
LE		 207 //\r
208 case EdkiiIoMmuOperationBusMasterCommonBuffer:\r
209 if ((MapInfo->CryptedAddress > BASE_4GB) ||\r
210 (EFI_PAGES_TO_SIZE (MapInfo->NumberOfPages) >\r
211 BASE_4GB - MapInfo->CryptedAddress)) {\r
212 //\r
213 // CommonBuffer operations cannot be remapped. If the common buffer is\r
214 // above 4GB, then it is not possible to generate a mapping, so return an\r
215 // error.\r
216 //\r
217 Status = EFI_UNSUPPORTED;\r
218 goto FreeMapInfo;\r
219 }\r
220 //\r
221 // fall through\r
222 //\r
223 case EdkiiIoMmuOperationBusMasterCommonBuffer64:\r
224 //\r
58e68140 225 // The buffer at MapInfo->CryptedAddress comes from AllocateBuffer().\r
e130229c
LE		 226 //\r
227 MapInfo->PlainTextAddress = MapInfo->CryptedAddress;\r
e130229c 228 //\r
58e68140
LE		 229 // Stash the crypted data.\r
230 //\r
231 CommonBufferHeader = (COMMON_BUFFER_HEADER *)(\r
232 (UINTN)MapInfo->CryptedAddress - EFI_PAGE_SIZE\r
233 );\r
234 ASSERT (CommonBufferHeader->Signature == COMMON_BUFFER_SIG);\r
235 CopyMem (\r
236 CommonBufferHeader->StashBuffer,\r
237 (VOID *)(UINTN)MapInfo->CryptedAddress,\r
238 MapInfo->NumberOfBytes\r
239 );\r
240 //\r
241 // Point "DecryptionSource" to the stash buffer so that we decrypt\r
242 // it to the original location, after the switch statement.\r
e130229c 243 //\r
58e68140
LE		 244 DecryptionSource = CommonBufferHeader->StashBuffer;\r
245 break;\r
e130229c
LE		 246\r
247 default:\r
248 //\r
249 // Operation is invalid\r
250 //\r
251 Status = EFI_INVALID_PARAMETER;\r
252 goto FreeMapInfo;\r
f9d129e6
BS		 253 }\r
254\r
255 //\r
e130229c 256 // Clear the memory encryption mask on the plaintext buffer.\r
f9d129e6 257 //\r
812568fb
LE		 258 Status = MemEncryptSevClearPageEncMask (\r
259 0,\r
dc194ce3 260 MapInfo->PlainTextAddress,\r
812568fb
LE		 261 MapInfo->NumberOfPages,\r
262 TRUE\r
263 );\r
f1658838
LE		 264 ASSERT_EFI_ERROR (Status);\r
265 if (EFI_ERROR (Status)) {\r
266 CpuDeadLoop ();\r
267 }\r
f9d129e6
BS		 268\r
269 //\r
270 // If this is a read operation from the Bus Master's point of view,\r
271 // then copy the contents of the real buffer into the mapped buffer\r
272 // so the Bus Master can read the contents of the real buffer.\r
273 //\r
58e68140
LE		 274 // For BusMasterCommonBuffer[64] operations, the CopyMem() below will decrypt\r
275 // the original data (from the stash buffer) back to the original location.\r
276 //\r
f9d129e6 277 if (Operation == EdkiiIoMmuOperationBusMasterRead ||\r
58e68140
LE		 278 Operation == EdkiiIoMmuOperationBusMasterRead64 ||\r
279 Operation == EdkiiIoMmuOperationBusMasterCommonBuffer ||\r
280 Operation == EdkiiIoMmuOperationBusMasterCommonBuffer64) {\r
f9d129e6 281 CopyMem (\r
dc194ce3 282 (VOID *) (UINTN) MapInfo->PlainTextAddress,\r
58e68140 283 DecryptionSource,\r
f9d129e6
BS		 284 MapInfo->NumberOfBytes\r
285 );\r
286 }\r
287\r
9ed745b9
LE		 288 //\r
289 // Track all MAP_INFO structures.\r
290 //\r
291 InsertHeadList (&mMapInfos, &MapInfo->Link);\r
f9d129e6 292 //\r
e130229c 293 // Populate output parameters.\r
f9d129e6 294 //\r
dc194ce3 295 *DeviceAddress = MapInfo->PlainTextAddress;\r
f9d129e6
BS		 296 *Mapping = MapInfo;\r
297\r
812568fb
LE		 298 DEBUG ((\r
299 DEBUG_VERBOSE,\r
2ad6ba80 300 "%a: Mapping=0x%p Device(PlainText)=0x%Lx Crypted=0x%Lx Pages=0x%Lx\n",\r
812568fb 301 __FUNCTION__,\r
2ad6ba80 302 MapInfo,\r
dc194ce3 303 MapInfo->PlainTextAddress,\r
c7ef2ed2 304 MapInfo->CryptedAddress,\r
2ad6ba80 305 (UINT64)MapInfo->NumberOfPages\r
812568fb 306 ));\r
f9d129e6
BS		 307\r
308 return EFI_SUCCESS;\r
e130229c
LE		 309\r
310FreeMapInfo:\r
311 FreePool (MapInfo);\r
312\r
313Failed:\r
314 *NumberOfBytes = 0;\r
315 return Status;\r
f9d129e6
BS		 316}\r
317\r
318/**\r
319 Completes the Map() operation and releases any corresponding resources.\r
320\r
550acd08
LE		 321 This is an internal worker function that only extends the Map() API with\r
322 the MemoryMapLocked parameter.\r
323\r
f9d129e6
BS		 324 @param This The protocol instance pointer.\r
325 @param Mapping The mapping value returned from Map().\r
550acd08
LE		 326 @param MemoryMapLocked The function is executing on the stack of\r
327 gBS->ExitBootServices(); changes to the UEFI\r
328 memory map are forbidden.\r
f9d129e6
BS		 329\r
330 @retval EFI_SUCCESS The range was unmapped.\r
812568fb
LE		 331 @retval EFI_INVALID_PARAMETER Mapping is not a value that was returned by\r
332 Map().\r
333 @retval EFI_DEVICE_ERROR The data was not committed to the target system\r
334 memory.\r
f9d129e6 335**/\r
550acd08 336STATIC\r
f9d129e6
BS		 337EFI_STATUS\r
338EFIAPI\r
550acd08 339IoMmuUnmapWorker (\r
f9d129e6 340 IN EDKII_IOMMU_PROTOCOL *This,\r
550acd08
LE		 341 IN VOID *Mapping,\r
342 IN BOOLEAN MemoryMapLocked\r
f9d129e6
BS		 343 )\r
344{\r
345 MAP_INFO *MapInfo;\r
346 EFI_STATUS Status;\r
58e68140
LE		 347 COMMON_BUFFER_HEADER *CommonBufferHeader;\r
348 VOID *EncryptionTarget;\r
f9d129e6 349\r
550acd08
LE		 350 DEBUG ((\r
351 DEBUG_VERBOSE,\r
352 "%a: Mapping=0x%p MemoryMapLocked=%d\n",\r
353 __FUNCTION__,\r
354 Mapping,\r
355 MemoryMapLocked\r
356 ));\r
a1d6a9dc 357\r
f9d129e6
BS		 358 if (Mapping == NULL) {\r
359 return EFI_INVALID_PARAMETER;\r
360 }\r
361\r
58e68140
LE		 362 MapInfo = (MAP_INFO *)Mapping;\r
363\r
f9d129e6 364 //\r
58e68140 365 // set CommonBufferHeader to suppress incorrect compiler/analyzer warnings\r
f9d129e6 366 //\r
58e68140 367 CommonBufferHeader = NULL;\r
f9d129e6
BS		 368\r
369 //\r
58e68140
LE		 370 // For BusMasterWrite[64] operations and BusMasterCommonBuffer[64] operations\r
371 // we have to encrypt the results, ultimately to the original place (i.e.,\r
372 // "MapInfo->CryptedAddress").\r
f9d129e6 373 //\r
58e68140
LE		 374 // For BusMasterCommonBuffer[64] operations however, this encryption has to\r
375 // land in-place, so divert the encryption to the stash buffer first.\r
376 //\r
377 EncryptionTarget = (VOID *)(UINTN)MapInfo->CryptedAddress;\r
378\r
379 switch (MapInfo->Operation) {\r
380 case EdkiiIoMmuOperationBusMasterCommonBuffer:\r
381 case EdkiiIoMmuOperationBusMasterCommonBuffer64:\r
382 ASSERT (MapInfo->PlainTextAddress == MapInfo->CryptedAddress);\r
383\r
384 CommonBufferHeader = (COMMON_BUFFER_HEADER *)(\r
385 (UINTN)MapInfo->PlainTextAddress - EFI_PAGE_SIZE\r
386 );\r
387 ASSERT (CommonBufferHeader->Signature == COMMON_BUFFER_SIG);\r
388 EncryptionTarget = CommonBufferHeader->StashBuffer;\r
389 //\r
390 // fall through\r
391 //\r
392\r
393 case EdkiiIoMmuOperationBusMasterWrite:\r
394 case EdkiiIoMmuOperationBusMasterWrite64:\r
f9d129e6 395 CopyMem (\r
58e68140 396 EncryptionTarget,\r
dc194ce3 397 (VOID *) (UINTN) MapInfo->PlainTextAddress,\r
f9d129e6
BS		 398 MapInfo->NumberOfBytes\r
399 );\r
58e68140
LE		 400 break;\r
401\r
402 default:\r
403 //\r
404 // nothing to encrypt after BusMasterRead[64] operations\r
405 //\r
406 break;\r
f9d129e6
BS		 407 }\r
408\r
f9d129e6 409 //\r
58e68140
LE		 410 // Restore the memory encryption mask on the area we used to hold the\r
411 // plaintext.\r
f9d129e6 412 //\r
812568fb
LE		 413 Status = MemEncryptSevSetPageEncMask (\r
414 0,\r
dc194ce3 415 MapInfo->PlainTextAddress,\r
812568fb
LE		 416 MapInfo->NumberOfPages,\r
417 TRUE\r
418 );\r
f1658838
LE		 419 ASSERT_EFI_ERROR (Status);\r
420 if (EFI_ERROR (Status)) {\r
421 CpuDeadLoop ();\r
422 }\r
f9d129e6
BS		 423\r
424 //\r
58e68140
LE		 425 // For BusMasterCommonBuffer[64] operations, copy the stashed data to the\r
426 // original (now encrypted) location.\r
427 //\r
428 // For all other operations, fill the late bounce buffer (which existed as\r
550acd08
LE		 429 // plaintext at some point) with zeros, and then release it (unless the UEFI\r
430 // memory map is locked).\r
58e68140
LE		 431 //\r
432 if (MapInfo->Operation == EdkiiIoMmuOperationBusMasterCommonBuffer ||\r
433 MapInfo->Operation == EdkiiIoMmuOperationBusMasterCommonBuffer64) {\r
434 CopyMem (\r
435 (VOID *)(UINTN)MapInfo->CryptedAddress,\r
436 CommonBufferHeader->StashBuffer,\r
437 MapInfo->NumberOfBytes\r
438 );\r
439 } else {\r
440 ZeroMem (\r
441 (VOID *)(UINTN)MapInfo->PlainTextAddress,\r
442 EFI_PAGES_TO_SIZE (MapInfo->NumberOfPages)\r
443 );\r
550acd08
LE		 444 if (!MemoryMapLocked) {\r
445 gBS->FreePages (MapInfo->PlainTextAddress, MapInfo->NumberOfPages);\r
446 }\r
58e68140
LE		 447 }\r
448\r
9ed745b9 449 //\r
550acd08
LE		 450 // Forget the MAP_INFO structure, then free it (unless the UEFI memory map is\r
451 // locked).\r
9ed745b9
LE		 452 //\r
453 RemoveEntryList (&MapInfo->Link);\r
550acd08
LE		 454 if (!MemoryMapLocked) {\r
455 FreePool (MapInfo);\r
456 }\r
9ed745b9 457\r
f9d129e6
BS		 458 return EFI_SUCCESS;\r
459}\r
460\r
550acd08
LE		 461/**\r
462 Completes the Map() operation and releases any corresponding resources.\r
463\r
464 @param This The protocol instance pointer.\r
465 @param Mapping The mapping value returned from Map().\r
466\r
467 @retval EFI_SUCCESS The range was unmapped.\r
468 @retval EFI_INVALID_PARAMETER Mapping is not a value that was returned by\r
469 Map().\r
470 @retval EFI_DEVICE_ERROR The data was not committed to the target system\r
471 memory.\r
472**/\r
473EFI_STATUS\r
474EFIAPI\r
475IoMmuUnmap (\r
476 IN EDKII_IOMMU_PROTOCOL *This,\r
477 IN VOID *Mapping\r
478 )\r
479{\r
480 return IoMmuUnmapWorker (\r
481 This,\r
482 Mapping,\r
483 FALSE // MemoryMapLocked\r
484 );\r
485}\r
486\r
f9d129e6
BS		 487/**\r
488 Allocates pages that are suitable for an OperationBusMasterCommonBuffer or\r
489 OperationBusMasterCommonBuffer64 mapping.\r
490\r
491 @param This The protocol instance pointer.\r
492 @param Type This parameter is not used and must be ignored.\r
812568fb
LE		 493 @param MemoryType The type of memory to allocate,\r
494 EfiBootServicesData or EfiRuntimeServicesData.\r
f9d129e6 495 @param Pages The number of pages to allocate.\r
812568fb
LE		 496 @param HostAddress A pointer to store the base system memory\r
497 address of the allocated range.\r
498 @param Attributes The requested bit mask of attributes for the\r
499 allocated range.\r
f9d129e6
BS		 500\r
501 @retval EFI_SUCCESS The requested memory pages were allocated.\r
812568fb
LE		 502 @retval EFI_UNSUPPORTED Attributes is unsupported. The only legal\r
503 attribute bits are MEMORY_WRITE_COMBINE and\r
504 MEMORY_CACHED.\r
f9d129e6
BS		 505 @retval EFI_INVALID_PARAMETER One or more parameters are invalid.\r
506 @retval EFI_OUT_OF_RESOURCES The memory pages could not be allocated.\r
507\r
508**/\r
509EFI_STATUS\r
510EFIAPI\r
511IoMmuAllocateBuffer (\r
512 IN EDKII_IOMMU_PROTOCOL *This,\r
513 IN EFI_ALLOCATE_TYPE Type,\r
514 IN EFI_MEMORY_TYPE MemoryType,\r
515 IN UINTN Pages,\r
516 IN OUT VOID **HostAddress,\r
517 IN UINT64 Attributes\r
518 )\r
519{\r
520 EFI_STATUS Status;\r
521 EFI_PHYSICAL_ADDRESS PhysicalAddress;\r
58e68140
LE		 522 VOID *StashBuffer;\r
523 UINTN CommonBufferPages;\r
524 COMMON_BUFFER_HEADER *CommonBufferHeader;\r
f9d129e6 525\r
80ddd336
LE		 526 DEBUG ((\r
527 DEBUG_VERBOSE,\r
528 "%a: MemoryType=%u Pages=0x%Lx Attributes=0x%Lx\n",\r
529 __FUNCTION__,\r
530 (UINT32)MemoryType,\r
531 (UINT64)Pages,\r
532 Attributes\r
533 ));\r
534\r
f9d129e6
BS		 535 //\r
536 // Validate Attributes\r
537 //\r
538 if ((Attributes & EDKII_IOMMU_ATTRIBUTE_INVALID_FOR_ALLOCATE_BUFFER) != 0) {\r
539 return EFI_UNSUPPORTED;\r
540 }\r
541\r
542 //\r
543 // Check for invalid inputs\r
544 //\r
545 if (HostAddress == NULL) {\r
546 return EFI_INVALID_PARAMETER;\r
547 }\r
548\r
549 //\r
550 // The only valid memory types are EfiBootServicesData and\r
551 // EfiRuntimeServicesData\r
552 //\r
553 if (MemoryType != EfiBootServicesData &&\r
554 MemoryType != EfiRuntimeServicesData) {\r
555 return EFI_INVALID_PARAMETER;\r
556 }\r
557\r
58e68140
LE		 558 //\r
559 // We'll need a header page for the COMMON_BUFFER_HEADER structure.\r
560 //\r
561 if (Pages > MAX_UINTN - 1) {\r
562 return EFI_OUT_OF_RESOURCES;\r
563 }\r
564 CommonBufferPages = Pages + 1;\r
565\r
566 //\r
567 // Allocate the stash in EfiBootServicesData type memory.\r
568 //\r
569 // Map() will temporarily save encrypted data in the stash for\r
570 // BusMasterCommonBuffer[64] operations, so the data can be decrypted to the\r
571 // original location.\r
572 //\r
573 // Unmap() will temporarily save plaintext data in the stash for\r
574 // BusMasterCommonBuffer[64] operations, so the data can be encrypted to the\r
575 // original location.\r
576 //\r
577 // StashBuffer always resides in encrypted memory.\r
578 //\r
579 StashBuffer = AllocatePages (Pages);\r
580 if (StashBuffer == NULL) {\r
581 return EFI_OUT_OF_RESOURCES;\r
582 }\r
583\r
f9d129e6
BS		 584 PhysicalAddress = (UINTN)-1;\r
585 if ((Attributes & EDKII_IOMMU_ATTRIBUTE_DUAL_ADDRESS_CYCLE) == 0) {\r
586 //\r
587 // Limit allocations to memory below 4GB\r
588 //\r
589 PhysicalAddress = SIZE_4GB - 1;\r
590 }\r
591 Status = gBS->AllocatePages (\r
592 AllocateMaxAddress,\r
593 MemoryType,\r
58e68140 594 CommonBufferPages,\r
f9d129e6
BS		 595 &PhysicalAddress\r
596 );\r
58e68140
LE		 597 if (EFI_ERROR (Status)) {\r
598 goto FreeStashBuffer;\r
f9d129e6
BS		 599 }\r
600\r
58e68140
LE		 601 CommonBufferHeader = (VOID *)(UINTN)PhysicalAddress;\r
602 PhysicalAddress += EFI_PAGE_SIZE;\r
603\r
604 CommonBufferHeader->Signature = COMMON_BUFFER_SIG;\r
605 CommonBufferHeader->StashBuffer = StashBuffer;\r
606\r
607 *HostAddress = (VOID *)(UINTN)PhysicalAddress;\r
608\r
812568fb
LE		 609 DEBUG ((\r
610 DEBUG_VERBOSE,\r
80ddd336 611 "%a: Host=0x%Lx Stash=0x%p\n",\r
812568fb
LE		 612 __FUNCTION__,\r
613 PhysicalAddress,\r
80ddd336 614 StashBuffer\r
812568fb 615 ));\r
58e68140
LE		 616 return EFI_SUCCESS;\r
617\r
618FreeStashBuffer:\r
619 FreePages (StashBuffer, Pages);\r
f9d129e6
BS		 620 return Status;\r
621}\r
622\r
623/**\r
624 Frees memory that was allocated with AllocateBuffer().\r
625\r
626 @param This The protocol instance pointer.\r
627 @param Pages The number of pages to free.\r
812568fb
LE		 628 @param HostAddress The base system memory address of the allocated\r
629 range.\r
f9d129e6
BS		 630\r
631 @retval EFI_SUCCESS The requested memory pages were freed.\r
812568fb
LE		 632 @retval EFI_INVALID_PARAMETER The memory range specified by HostAddress and\r
633 Pages was not allocated with AllocateBuffer().\r
f9d129e6
BS		 634\r
635**/\r
636EFI_STATUS\r
637EFIAPI\r
638IoMmuFreeBuffer (\r
639 IN EDKII_IOMMU_PROTOCOL *This,\r
640 IN UINTN Pages,\r
641 IN VOID *HostAddress\r
642 )\r
643{\r
58e68140
LE		 644 UINTN CommonBufferPages;\r
645 COMMON_BUFFER_HEADER *CommonBufferHeader;\r
646\r
1afbb85f
LE		 647 DEBUG ((\r
648 DEBUG_VERBOSE,\r
649 "%a: Host=0x%p Pages=0x%Lx\n",\r
650 __FUNCTION__,\r
651 HostAddress,\r
652 (UINT64)Pages\r
653 ));\r
654\r
58e68140
LE		 655 CommonBufferPages = Pages + 1;\r
656 CommonBufferHeader = (COMMON_BUFFER_HEADER *)(\r
657 (UINTN)HostAddress - EFI_PAGE_SIZE\r
658 );\r
f9d129e6
BS		 659\r
660 //\r
58e68140 661 // Check the signature.\r
f9d129e6 662 //\r
58e68140
LE		 663 ASSERT (CommonBufferHeader->Signature == COMMON_BUFFER_SIG);\r
664 if (CommonBufferHeader->Signature != COMMON_BUFFER_SIG) {\r
665 return EFI_INVALID_PARAMETER;\r
666 }\r
667\r
668 //\r
669 // Free the stash buffer. This buffer was always encrypted, so no need to\r
670 // zero it.\r
671 //\r
672 FreePages (CommonBufferHeader->StashBuffer, Pages);\r
f9d129e6 673\r
58e68140
LE		 674 //\r
675 // Release the common buffer itself. Unmap() has re-encrypted it in-place, so\r
676 // no need to zero it.\r
677 //\r
678 return gBS->FreePages ((UINTN)CommonBufferHeader, CommonBufferPages);\r
f9d129e6
BS		 679}\r
680\r
681\r
682/**\r
683 Set IOMMU attribute for a system memory.\r
684\r
685 If the IOMMU protocol exists, the system memory cannot be used\r
686 for DMA by default.\r
687\r
688 When a device requests a DMA access for a system memory,\r
689 the device driver need use SetAttribute() to update the IOMMU\r
690 attribute to request DMA access (read and/or write).\r
691\r
692 The DeviceHandle is used to identify which device submits the request.\r
812568fb
LE		 693 The IOMMU implementation need translate the device path to an IOMMU device\r
694 ID, and set IOMMU hardware register accordingly.\r
f9d129e6
BS		 695 1) DeviceHandle can be a standard PCI device.\r
696 The memory for BusMasterRead need set EDKII_IOMMU_ACCESS_READ.\r
697 The memory for BusMasterWrite need set EDKII_IOMMU_ACCESS_WRITE.\r
812568fb
LE		 698 The memory for BusMasterCommonBuffer need set\r
699 EDKII_IOMMU_ACCESS_READ|EDKII_IOMMU_ACCESS_WRITE.\r
700 After the memory is used, the memory need set 0 to keep it being\r
701 protected.\r
f9d129e6 702 2) DeviceHandle can be an ACPI device (ISA, I2C, SPI, etc).\r
812568fb
LE		 703 The memory for DMA access need set EDKII_IOMMU_ACCESS_READ and/or\r
704 EDKII_IOMMU_ACCESS_WRITE.\r
f9d129e6
BS		 705\r
706 @param[in] This The protocol instance pointer.\r
812568fb
LE		 707 @param[in] DeviceHandle The device who initiates the DMA access\r
708 request.\r
f9d129e6
BS		 709 @param[in] Mapping The mapping value returned from Map().\r
710 @param[in] IoMmuAccess The IOMMU access.\r
711\r
812568fb
LE		 712 @retval EFI_SUCCESS The IoMmuAccess is set for the memory range\r
713 specified by DeviceAddress and Length.\r
f9d129e6 714 @retval EFI_INVALID_PARAMETER DeviceHandle is an invalid handle.\r
812568fb
LE		 715 @retval EFI_INVALID_PARAMETER Mapping is not a value that was returned by\r
716 Map().\r
717 @retval EFI_INVALID_PARAMETER IoMmuAccess specified an illegal combination\r
718 of access.\r
f9d129e6 719 @retval EFI_UNSUPPORTED DeviceHandle is unknown by the IOMMU.\r
812568fb
LE		 720 @retval EFI_UNSUPPORTED The bit mask of IoMmuAccess is not supported\r
721 by the IOMMU.\r
722 @retval EFI_UNSUPPORTED The IOMMU does not support the memory range\r
723 specified by Mapping.\r
724 @retval EFI_OUT_OF_RESOURCES There are not enough resources available to\r
725 modify the IOMMU access.\r
726 @retval EFI_DEVICE_ERROR The IOMMU device reported an error while\r
727 attempting the operation.\r
f9d129e6
BS		 728\r
729**/\r
730EFI_STATUS\r
731EFIAPI\r
732IoMmuSetAttribute (\r
733 IN EDKII_IOMMU_PROTOCOL *This,\r
734 IN EFI_HANDLE DeviceHandle,\r
735 IN VOID *Mapping,\r
736 IN UINT64 IoMmuAccess\r
737 )\r
738{\r
739 return EFI_UNSUPPORTED;\r
740}\r
741\r
742EDKII_IOMMU_PROTOCOL mAmdSev = {\r
743 EDKII_IOMMU_PROTOCOL_REVISION,\r
744 IoMmuSetAttribute,\r
745 IoMmuMap,\r
746 IoMmuUnmap,\r
747 IoMmuAllocateBuffer,\r
748 IoMmuFreeBuffer,\r
749};\r
750\r
7aee391f
LE		 751/**\r
752 Notification function that is queued when gBS->ExitBootServices() signals the\r
753 EFI_EVENT_GROUP_EXIT_BOOT_SERVICES event group. This function signals another\r
754 event, received as Context, and returns.\r
755\r
756 Signaling an event in this context is safe. The UEFI spec allows\r
757 gBS->SignalEvent() to return EFI_SUCCESS only; EFI_OUT_OF_RESOURCES is not\r
758 listed, hence memory is not allocated. The edk2 implementation also does not\r
759 release memory (and we only have to care about the edk2 implementation\r
760 because EDKII_IOMMU_PROTOCOL is edk2-specific anyway).\r
761\r
762 @param[in] Event Event whose notification function is being invoked.\r
763 Event is permitted to request the queueing of this\r
764 function at TPL_CALLBACK or TPL_NOTIFY task\r
765 priority level.\r
766\r
767 @param[in] EventToSignal Identifies the EFI_EVENT to signal. EventToSignal\r
768 is permitted to request the queueing of its\r
769 notification function only at TPL_CALLBACK level.\r
770**/\r
771STATIC\r
772VOID\r
773EFIAPI\r
774AmdSevExitBoot (\r
775 IN EFI_EVENT Event,\r
776 IN VOID *EventToSignal\r
777 )\r
778{\r
779 //\r
780 // (1) The NotifyFunctions of all the events in\r
781 // EFI_EVENT_GROUP_EXIT_BOOT_SERVICES will have been queued before\r
782 // AmdSevExitBoot() is entered.\r
783 //\r
784 // (2) AmdSevExitBoot() is executing minimally at TPL_CALLBACK.\r
785 //\r
786 // (3) AmdSevExitBoot() has been queued in unspecified order relative to the\r
787 // NotifyFunctions of all the other events in\r
788 // EFI_EVENT_GROUP_EXIT_BOOT_SERVICES whose NotifyTpl is the same as\r
789 // Event's.\r
790 //\r
791 // Consequences:\r
792 //\r
793 // - If Event's NotifyTpl is TPL_CALLBACK, then some other NotifyFunctions\r
794 // queued at TPL_CALLBACK may be invoked after AmdSevExitBoot() returns.\r
795 //\r
796 // - If Event's NotifyTpl is TPL_NOTIFY, then some other NotifyFunctions\r
797 // queued at TPL_NOTIFY may be invoked after AmdSevExitBoot() returns; plus\r
798 // *all* NotifyFunctions queued at TPL_CALLBACK will be invoked strictly\r
799 // after all NotifyFunctions queued at TPL_NOTIFY, including\r
800 // AmdSevExitBoot(), have been invoked.\r
801 //\r
802 // - By signaling EventToSignal here, whose NotifyTpl is TPL_CALLBACK, we\r
803 // queue EventToSignal's NotifyFunction after the NotifyFunctions of *all*\r
804 // events in EFI_EVENT_GROUP_EXIT_BOOT_SERVICES.\r
805 //\r
806 DEBUG ((DEBUG_VERBOSE, "%a\n", __FUNCTION__));\r
807 gBS->SignalEvent (EventToSignal);\r
808}\r
809\r
810/**\r
811 Notification function that is queued after the notification functions of all\r
812 events in the EFI_EVENT_GROUP_EXIT_BOOT_SERVICES event group. The same memory\r
813 map restrictions apply.\r
814\r
815 This function unmaps all currently existing IOMMU mappings.\r
816\r
817 @param[in] Event Event whose notification function is being invoked. Event\r
818 is permitted to request the queueing of this function\r
819 only at TPL_CALLBACK task priority level.\r
820\r
821 @param[in] Context Ignored.\r
822**/\r
823STATIC\r
824VOID\r
825EFIAPI\r
826AmdSevUnmapAllMappings (\r
827 IN EFI_EVENT Event,\r
828 IN VOID *Context\r
829 )\r
830{\r
831 LIST_ENTRY *Node;\r
832 LIST_ENTRY *NextNode;\r
833 MAP_INFO *MapInfo;\r
834\r
835 DEBUG ((DEBUG_VERBOSE, "%a\n", __FUNCTION__));\r
836\r
837 //\r
838 // All drivers that had set up IOMMU mappings have halted their respective\r
839 // controllers by now; tear down the mappings.\r
840 //\r
841 for (Node = GetFirstNode (&mMapInfos); Node != &mMapInfos; Node = NextNode) {\r
842 NextNode = GetNextNode (&mMapInfos, Node);\r
843 MapInfo = CR (Node, MAP_INFO, Link, MAP_INFO_SIG);\r
844 IoMmuUnmapWorker (\r
845 &mAmdSev, // This\r
846 MapInfo, // Mapping\r
847 TRUE // MemoryMapLocked\r
848 );\r
849 }\r
850}\r
851\r
f9d129e6
BS		 852/**\r
853 Initialize Iommu Protocol.\r
854\r
855**/\r
db125079 856EFI_STATUS\r
f9d129e6
BS		 857EFIAPI\r
858AmdSevInstallIoMmuProtocol (\r
859 VOID\r
860 )\r
861{\r
862 EFI_STATUS Status;\r
7aee391f
LE		 863 EFI_EVENT UnmapAllMappingsEvent;\r
864 EFI_EVENT ExitBootEvent;\r
f9d129e6
BS		 865 EFI_HANDLE Handle;\r
866\r
7aee391f
LE		 867 //\r
868 // Create the "late" event whose notification function will tear down all\r
869 // left-over IOMMU mappings.\r
870 //\r
871 Status = gBS->CreateEvent (\r
872 EVT_NOTIFY_SIGNAL, // Type\r
873 TPL_CALLBACK, // NotifyTpl\r
874 AmdSevUnmapAllMappings, // NotifyFunction\r
875 NULL, // NotifyContext\r
876 &UnmapAllMappingsEvent // Event\r
877 );\r
878 if (EFI_ERROR (Status)) {\r
879 return Status;\r
880 }\r
881\r
882 //\r
883 // Create the event whose notification function will be queued by\r
884 // gBS->ExitBootServices() and will signal the event created above.\r
885 //\r
886 Status = gBS->CreateEvent (\r
887 EVT_SIGNAL_EXIT_BOOT_SERVICES, // Type\r
888 TPL_CALLBACK, // NotifyTpl\r
889 AmdSevExitBoot, // NotifyFunction\r
890 UnmapAllMappingsEvent, // NotifyContext\r
891 &ExitBootEvent // Event\r
892 );\r
893 if (EFI_ERROR (Status)) {\r
894 goto CloseUnmapAllMappingsEvent;\r
895 }\r
896\r
f9d129e6
BS		 897 Handle = NULL;\r
898 Status = gBS->InstallMultipleProtocolInterfaces (\r
899 &Handle,\r
900 &gEdkiiIoMmuProtocolGuid, &mAmdSev,\r
901 NULL\r
902 );\r
7aee391f
LE		 903 if (EFI_ERROR (Status)) {\r
904 goto CloseExitBootEvent;\r
905 }\r
906\r
907 return EFI_SUCCESS;\r
908\r
909CloseExitBootEvent:\r
910 gBS->CloseEvent (ExitBootEvent);\r
911\r
912CloseUnmapAllMappingsEvent:\r
913 gBS->CloseEvent (UnmapAllMappingsEvent);\r
914\r
db125079 915 return Status;\r
f9d129e6 916}\r
EFI Development Kit II mirror for PVE