]> git.proxmox.com Git - mirror_edk2.git/blame - OvmfPkg/Library/BaseMemEncryptSevLib/X64/VirtualMemory.c
projects / mirror_edk2.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
OvmfPkg:Fix VS2012 build failure
[mirror_edk2.git] / OvmfPkg / Library / BaseMemEncryptSevLib / X64 / VirtualMemory.c
CommitLineData
a1f22614
BS		 1/** @file\r
2\r
3 Virtual Memory Management Services to set or clear the memory encryption bit\r
4\r
699a2c30 5 Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.<BR>\r
4bd6bf31 6 Copyright (c) 2017, AMD Incorporated. All rights reserved.<BR>\r
a1f22614 7\r
4bd6bf31
LE		 8 This program and the accompanying materials are licensed and made available\r
9 under the terms and conditions of the BSD License which accompanies this\r
10 distribution. The full text of the license may be found at\r
11 http://opensource.org/licenses/bsd-license.php\r
a1f22614 12\r
4bd6bf31
LE		 13 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, WITHOUT\r
14 WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
a1f22614 15\r
4bd6bf31 16 Code is derived from MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c\r
a1f22614
BS		 17\r
18**/\r
19\r
20#include <Library/CpuLib.h>\r
a1f22614 21#include <Register/Amd/Cpuid.h>\r
bd13ecf3 22#include <Register/Cpuid.h>\r
a1f22614
BS		 23\r
24#include "VirtualMemory.h"\r
25\r
26STATIC BOOLEAN mAddressEncMaskChecked = FALSE;\r
27STATIC UINT64 mAddressEncMask;\r
b721aa74 28STATIC PAGE_TABLE_POOL *mPageTablePool = NULL;\r
a1f22614
BS		 29\r
30typedef enum {\r
31 SetCBit,\r
32 ClearCBit\r
33} MAP_RANGE_MODE;\r
34\r
35/**\r
36 Get the memory encryption mask\r
37\r
38 @param[out] EncryptionMask contains the pte mask.\r
39\r
40**/\r
41STATIC\r
42UINT64\r
43GetMemEncryptionAddressMask (\r
44 VOID\r
45 )\r
46{\r
47 UINT64 EncryptionMask;\r
48 CPUID_MEMORY_ENCRYPTION_INFO_EBX Ebx;\r
49\r
50 if (mAddressEncMaskChecked) {\r
51 return mAddressEncMask;\r
52 }\r
53\r
54 //\r
55 // CPUID Fn8000_001F[EBX] Bit 0:5 (memory encryption bit position)\r
56 //\r
57 AsmCpuid (CPUID_MEMORY_ENCRYPTION_INFO, NULL, &Ebx.Uint32, NULL, NULL);\r
58 EncryptionMask = LShiftU64 (1, Ebx.Bits.PtePosBits);\r
59\r
60 mAddressEncMask = EncryptionMask & PAGING_1G_ADDRESS_MASK_64;\r
61 mAddressEncMaskChecked = TRUE;\r
62\r
63 return mAddressEncMask;\r
64}\r
65\r
b721aa74
BS		 66/**\r
67 Initialize a buffer pool for page table use only.\r
68\r
69 To reduce the potential split operation on page table, the pages reserved for\r
70 page table should be allocated in the times of PAGE_TABLE_POOL_UNIT_PAGES and\r
71 at the boundary of PAGE_TABLE_POOL_ALIGNMENT. So the page pool is always\r
4bd6bf31
LE		 72 initialized with number of pages greater than or equal to the given\r
73 PoolPages.\r
b721aa74
BS		 74\r
75 Once the pages in the pool are used up, this method should be called again to\r
4bd6bf31
LE		 76 reserve at least another PAGE_TABLE_POOL_UNIT_PAGES. Usually this won't\r
77 happen often in practice.\r
b721aa74
BS		 78\r
79 @param[in] PoolPages The least page number of the pool to be created.\r
80\r
81 @retval TRUE The pool is initialized successfully.\r
82 @retval FALSE The memory is out of resource.\r
83**/\r
84STATIC\r
85BOOLEAN\r
86InitializePageTablePool (\r
87 IN UINTN PoolPages\r
88 )\r
89{\r
90 VOID *Buffer;\r
91\r
92 //\r
93 // Always reserve at least PAGE_TABLE_POOL_UNIT_PAGES, including one page for\r
94 // header.\r
95 //\r
96 PoolPages += 1; // Add one page for header.\r
97 PoolPages = ((PoolPages - 1) / PAGE_TABLE_POOL_UNIT_PAGES + 1) *\r
98 PAGE_TABLE_POOL_UNIT_PAGES;\r
99 Buffer = AllocateAlignedPages (PoolPages, PAGE_TABLE_POOL_ALIGNMENT);\r
100 if (Buffer == NULL) {\r
101 DEBUG ((DEBUG_ERROR, "ERROR: Out of aligned pages\r\n"));\r
102 return FALSE;\r
103 }\r
104\r
105 //\r
106 // Link all pools into a list for easier track later.\r
107 //\r
108 if (mPageTablePool == NULL) {\r
109 mPageTablePool = Buffer;\r
110 mPageTablePool->NextPool = mPageTablePool;\r
111 } else {\r
112 ((PAGE_TABLE_POOL *)Buffer)->NextPool = mPageTablePool->NextPool;\r
113 mPageTablePool->NextPool = Buffer;\r
114 mPageTablePool = Buffer;\r
115 }\r
116\r
117 //\r
118 // Reserve one page for pool header.\r
119 //\r
120 mPageTablePool->FreePages = PoolPages - 1;\r
121 mPageTablePool->Offset = EFI_PAGES_TO_SIZE (1);\r
122\r
123 return TRUE;\r
124}\r
125\r
126/**\r
127 This API provides a way to allocate memory for page table.\r
128\r
129 This API can be called more than once to allocate memory for page tables.\r
130\r
131 Allocates the number of 4KB pages and returns a pointer to the allocated\r
132 buffer. The buffer returned is aligned on a 4KB boundary.\r
133\r
134 If Pages is 0, then NULL is returned.\r
135 If there is not enough memory remaining to satisfy the request, then NULL is\r
136 returned.\r
137\r
138 @param Pages The number of 4 KB pages to allocate.\r
139\r
140 @return A pointer to the allocated buffer or NULL if allocation fails.\r
141\r
142**/\r
143STATIC\r
144VOID *\r
145EFIAPI\r
146AllocatePageTableMemory (\r
147 IN UINTN Pages\r
148 )\r
149{\r
150 VOID *Buffer;\r
151\r
152 if (Pages == 0) {\r
153 return NULL;\r
154 }\r
155\r
156 //\r
157 // Renew the pool if necessary.\r
158 //\r
159 if (mPageTablePool == NULL ||\r
160 Pages > mPageTablePool->FreePages) {\r
161 if (!InitializePageTablePool (Pages)) {\r
162 return NULL;\r
163 }\r
164 }\r
165\r
166 Buffer = (UINT8 *)mPageTablePool + mPageTablePool->Offset;\r
167\r
168 mPageTablePool->Offset += EFI_PAGES_TO_SIZE (Pages);\r
169 mPageTablePool->FreePages -= Pages;\r
170\r
171 DEBUG ((\r
172 DEBUG_VERBOSE,\r
173 "%a:%a: Buffer=0x%Lx Pages=%ld\n",\r
174 gEfiCallerBaseName,\r
175 __FUNCTION__,\r
176 Buffer,\r
177 Pages\r
178 ));\r
179\r
180 return Buffer;\r
181}\r
182\r
183\r
a1f22614
BS		 184/**\r
185 Split 2M page to 4K.\r
186\r
4bd6bf31
LE		 187 @param[in] PhysicalAddress Start physical address the 2M page\r
188 covered.\r
a1f22614
BS		 189 @param[in, out] PageEntry2M Pointer to 2M page entry.\r
190 @param[in] StackBase Stack base address.\r
191 @param[in] StackSize Stack size.\r
192\r
193**/\r
194STATIC\r
195VOID\r
196Split2MPageTo4K (\r
197 IN PHYSICAL_ADDRESS PhysicalAddress,\r
198 IN OUT UINT64 *PageEntry2M,\r
199 IN PHYSICAL_ADDRESS StackBase,\r
200 IN UINTN StackSize\r
201 )\r
202{\r
203 PHYSICAL_ADDRESS PhysicalAddress4K;\r
204 UINTN IndexOfPageTableEntries;\r
205 PAGE_TABLE_4K_ENTRY *PageTableEntry, *PageTableEntry1;\r
206 UINT64 AddressEncMask;\r
207\r
b721aa74 208 PageTableEntry = AllocatePageTableMemory(1);\r
a1f22614
BS		 209\r
210 PageTableEntry1 = PageTableEntry;\r
211\r
212 AddressEncMask = GetMemEncryptionAddressMask ();\r
213\r
214 ASSERT (PageTableEntry != NULL);\r
215 ASSERT (*PageEntry2M & AddressEncMask);\r
216\r
217 PhysicalAddress4K = PhysicalAddress;\r
4bd6bf31
LE		 218 for (IndexOfPageTableEntries = 0;\r
219 IndexOfPageTableEntries < 512;\r
220 (IndexOfPageTableEntries++,\r
221 PageTableEntry++,\r
222 PhysicalAddress4K += SIZE_4KB)) {\r
a1f22614
BS		 223 //\r
224 // Fill in the Page Table entries\r
225 //\r
226 PageTableEntry->Uint64 = (UINT64) PhysicalAddress4K | AddressEncMask;\r
227 PageTableEntry->Bits.ReadWrite = 1;\r
228 PageTableEntry->Bits.Present = 1;\r
4bd6bf31
LE		 229 if ((PhysicalAddress4K >= StackBase) &&\r
230 (PhysicalAddress4K < StackBase + StackSize)) {\r
a1f22614
BS		 231 //\r
232 // Set Nx bit for stack.\r
233 //\r
234 PageTableEntry->Bits.Nx = 1;\r
235 }\r
236 }\r
237\r
238 //\r
239 // Fill in 2M page entry.\r
240 //\r
4bd6bf31
LE		 241 *PageEntry2M = ((UINT64)(UINTN)PageTableEntry1 |\r
242 IA32_PG_P | IA32_PG_RW | AddressEncMask);\r
a1f22614
BS		 243}\r
244\r
b721aa74
BS		 245/**\r
246 Set one page of page table pool memory to be read-only.\r
247\r
248 @param[in] PageTableBase Base address of page table (CR3).\r
249 @param[in] Address Start address of a page to be set as read-only.\r
250 @param[in] Level4Paging Level 4 paging flag.\r
251\r
252**/\r
253STATIC\r
254VOID\r
255SetPageTablePoolReadOnly (\r
256 IN UINTN PageTableBase,\r
257 IN EFI_PHYSICAL_ADDRESS Address,\r
258 IN BOOLEAN Level4Paging\r
259 )\r
260{\r
261 UINTN Index;\r
262 UINTN EntryIndex;\r
263 UINT64 AddressEncMask;\r
264 EFI_PHYSICAL_ADDRESS PhysicalAddress;\r
265 UINT64 *PageTable;\r
266 UINT64 *NewPageTable;\r
267 UINT64 PageAttr;\r
268 UINT64 LevelSize[5];\r
269 UINT64 LevelMask[5];\r
270 UINTN LevelShift[5];\r
271 UINTN Level;\r
272 UINT64 PoolUnitSize;\r
273\r
274 ASSERT (PageTableBase != 0);\r
275\r
276 //\r
277 // Since the page table is always from page table pool, which is always\r
278 // located at the boundary of PcdPageTablePoolAlignment, we just need to\r
279 // set the whole pool unit to be read-only.\r
280 //\r
281 Address = Address & PAGE_TABLE_POOL_ALIGN_MASK;\r
282\r
283 LevelShift[1] = PAGING_L1_ADDRESS_SHIFT;\r
284 LevelShift[2] = PAGING_L2_ADDRESS_SHIFT;\r
285 LevelShift[3] = PAGING_L3_ADDRESS_SHIFT;\r
286 LevelShift[4] = PAGING_L4_ADDRESS_SHIFT;\r
287\r
288 LevelMask[1] = PAGING_4K_ADDRESS_MASK_64;\r
289 LevelMask[2] = PAGING_2M_ADDRESS_MASK_64;\r
290 LevelMask[3] = PAGING_1G_ADDRESS_MASK_64;\r
291 LevelMask[4] = PAGING_1G_ADDRESS_MASK_64;\r
292\r
293 LevelSize[1] = SIZE_4KB;\r
294 LevelSize[2] = SIZE_2MB;\r
295 LevelSize[3] = SIZE_1GB;\r
296 LevelSize[4] = SIZE_512GB;\r
297\r
298 AddressEncMask = GetMemEncryptionAddressMask() &\r
299 PAGING_1G_ADDRESS_MASK_64;\r
300 PageTable = (UINT64 *)(UINTN)PageTableBase;\r
301 PoolUnitSize = PAGE_TABLE_POOL_UNIT_SIZE;\r
302\r
303 for (Level = (Level4Paging) ? 4 : 3; Level > 0; --Level) {\r
304 Index = ((UINTN)RShiftU64 (Address, LevelShift[Level]));\r
305 Index &= PAGING_PAE_INDEX_MASK;\r
306\r
307 PageAttr = PageTable[Index];\r
308 if ((PageAttr & IA32_PG_PS) == 0) {\r
309 //\r
310 // Go to next level of table.\r
311 //\r
312 PageTable = (UINT64 *)(UINTN)(PageAttr & ~AddressEncMask &\r
313 PAGING_4K_ADDRESS_MASK_64);\r
314 continue;\r
315 }\r
316\r
317 if (PoolUnitSize >= LevelSize[Level]) {\r
318 //\r
319 // Clear R/W bit if current page granularity is not larger than pool unit\r
320 // size.\r
321 //\r
322 if ((PageAttr & IA32_PG_RW) != 0) {\r
323 while (PoolUnitSize > 0) {\r
324 //\r
325 // PAGE_TABLE_POOL_UNIT_SIZE and PAGE_TABLE_POOL_ALIGNMENT are fit in\r
326 // one page (2MB). Then we don't need to update attributes for pages\r
327 // crossing page directory. ASSERT below is for that purpose.\r
328 //\r
329 ASSERT (Index < EFI_PAGE_SIZE/sizeof (UINT64));\r
330\r
331 PageTable[Index] &= ~(UINT64)IA32_PG_RW;\r
332 PoolUnitSize -= LevelSize[Level];\r
333\r
334 ++Index;\r
335 }\r
336 }\r
337\r
338 break;\r
339\r
340 } else {\r
341 //\r
342 // The smaller granularity of page must be needed.\r
343 //\r
344 ASSERT (Level > 1);\r
345\r
346 NewPageTable = AllocatePageTableMemory (1);\r
347 ASSERT (NewPageTable != NULL);\r
348\r
349 PhysicalAddress = PageAttr & LevelMask[Level];\r
350 for (EntryIndex = 0;\r
351 EntryIndex < EFI_PAGE_SIZE/sizeof (UINT64);\r
352 ++EntryIndex) {\r
353 NewPageTable[EntryIndex] = PhysicalAddress | AddressEncMask |\r
354 IA32_PG_P | IA32_PG_RW;\r
355 if (Level > 2) {\r
356 NewPageTable[EntryIndex] |= IA32_PG_PS;\r
357 }\r
358 PhysicalAddress += LevelSize[Level - 1];\r
359 }\r
360\r
361 PageTable[Index] = (UINT64)(UINTN)NewPageTable | AddressEncMask |\r
362 IA32_PG_P | IA32_PG_RW;\r
363 PageTable = NewPageTable;\r
364 }\r
365 }\r
366}\r
367\r
368/**\r
369 Prevent the memory pages used for page table from been overwritten.\r
370\r
371 @param[in] PageTableBase Base address of page table (CR3).\r
372 @param[in] Level4Paging Level 4 paging flag.\r
373\r
374**/\r
375STATIC\r
376VOID\r
377EnablePageTableProtection (\r
378 IN UINTN PageTableBase,\r
379 IN BOOLEAN Level4Paging\r
380 )\r
381{\r
382 PAGE_TABLE_POOL *HeadPool;\r
383 PAGE_TABLE_POOL *Pool;\r
384 UINT64 PoolSize;\r
385 EFI_PHYSICAL_ADDRESS Address;\r
386\r
387 if (mPageTablePool == NULL) {\r
388 return;\r
389 }\r
390\r
391 //\r
392 // SetPageTablePoolReadOnly might update mPageTablePool. It's safer to\r
393 // remember original one in advance.\r
394 //\r
395 HeadPool = mPageTablePool;\r
396 Pool = HeadPool;\r
397 do {\r
398 Address = (EFI_PHYSICAL_ADDRESS)(UINTN)Pool;\r
399 PoolSize = Pool->Offset + EFI_PAGES_TO_SIZE (Pool->FreePages);\r
400\r
401 //\r
4bd6bf31
LE		 402 // The size of one pool must be multiple of PAGE_TABLE_POOL_UNIT_SIZE,\r
403 // which is one of page size of the processor (2MB by default). Let's apply\r
404 // the protection to them one by one.\r
b721aa74
BS		 405 //\r
406 while (PoolSize > 0) {\r
407 SetPageTablePoolReadOnly(PageTableBase, Address, Level4Paging);\r
408 Address += PAGE_TABLE_POOL_UNIT_SIZE;\r
409 PoolSize -= PAGE_TABLE_POOL_UNIT_SIZE;\r
410 }\r
411\r
412 Pool = Pool->NextPool;\r
413 } while (Pool != HeadPool);\r
414\r
415}\r
416\r
417\r
a1f22614
BS		 418/**\r
419 Split 1G page to 2M.\r
420\r
4bd6bf31
LE		 421 @param[in] PhysicalAddress Start physical address the 1G page\r
422 covered.\r
a1f22614
BS		 423 @param[in, out] PageEntry1G Pointer to 1G page entry.\r
424 @param[in] StackBase Stack base address.\r
425 @param[in] StackSize Stack size.\r
426\r
427**/\r
428STATIC\r
429VOID\r
430Split1GPageTo2M (\r
431 IN PHYSICAL_ADDRESS PhysicalAddress,\r
432 IN OUT UINT64 *PageEntry1G,\r
433 IN PHYSICAL_ADDRESS StackBase,\r
434 IN UINTN StackSize\r
435 )\r
436{\r
437 PHYSICAL_ADDRESS PhysicalAddress2M;\r
438 UINTN IndexOfPageDirectoryEntries;\r
439 PAGE_TABLE_ENTRY *PageDirectoryEntry;\r
440 UINT64 AddressEncMask;\r
441\r
b721aa74 442 PageDirectoryEntry = AllocatePageTableMemory(1);\r
a1f22614
BS		 443\r
444 AddressEncMask = GetMemEncryptionAddressMask ();\r
445 ASSERT (PageDirectoryEntry != NULL);\r
446 ASSERT (*PageEntry1G & GetMemEncryptionAddressMask ());\r
447 //\r
448 // Fill in 1G page entry.\r
449 //\r
4bd6bf31
LE		 450 *PageEntry1G = ((UINT64)(UINTN)PageDirectoryEntry |\r
451 IA32_PG_P | IA32_PG_RW | AddressEncMask);\r
a1f22614
BS		 452\r
453 PhysicalAddress2M = PhysicalAddress;\r
4bd6bf31
LE		 454 for (IndexOfPageDirectoryEntries = 0;\r
455 IndexOfPageDirectoryEntries < 512;\r
456 (IndexOfPageDirectoryEntries++,\r
457 PageDirectoryEntry++,\r
458 PhysicalAddress2M += SIZE_2MB)) {\r
459 if ((PhysicalAddress2M < StackBase + StackSize) &&\r
460 ((PhysicalAddress2M + SIZE_2MB) > StackBase)) {\r
a1f22614
BS		 461 //\r
462 // Need to split this 2M page that covers stack range.\r
463 //\r
4bd6bf31
LE		 464 Split2MPageTo4K (\r
465 PhysicalAddress2M,\r
466 (UINT64 *)PageDirectoryEntry,\r
467 StackBase,\r
468 StackSize\r
469 );\r
a1f22614
BS		 470 } else {\r
471 //\r
472 // Fill in the Page Directory entries\r
473 //\r
474 PageDirectoryEntry->Uint64 = (UINT64) PhysicalAddress2M | AddressEncMask;\r
475 PageDirectoryEntry->Bits.ReadWrite = 1;\r
476 PageDirectoryEntry->Bits.Present = 1;\r
477 PageDirectoryEntry->Bits.MustBe1 = 1;\r
478 }\r
479 }\r
480}\r
481\r
482\r
483/**\r
484 Set or Clear the memory encryption bit\r
485\r
486 @param[in] PagetablePoint Page table entry pointer (PTE).\r
487 @param[in] Mode Set or Clear encryption bit\r
488\r
489**/\r
490STATIC VOID\r
491SetOrClearCBit(\r
492 IN OUT UINT64* PageTablePointer,\r
493 IN MAP_RANGE_MODE Mode\r
494 )\r
495{\r
496 UINT64 AddressEncMask;\r
497\r
498 AddressEncMask = GetMemEncryptionAddressMask ();\r
499\r
500 if (Mode == SetCBit) {\r
501 *PageTablePointer |= AddressEncMask;\r
502 } else {\r
503 *PageTablePointer &= ~AddressEncMask;\r
504 }\r
505\r
506}\r
507\r
b721aa74
BS		 508/**\r
509 Check the WP status in CR0 register. This bit is used to lock or unlock write\r
510 access to pages marked as read-only.\r
511\r
512 @retval TRUE Write protection is enabled.\r
513 @retval FALSE Write protection is disabled.\r
514**/\r
515STATIC\r
516BOOLEAN\r
517IsReadOnlyPageWriteProtected (\r
518 VOID\r
519 )\r
520{\r
521 return ((AsmReadCr0 () & BIT16) != 0);\r
522}\r
523\r
524\r
525/**\r
526 Disable Write Protect on pages marked as read-only.\r
527**/\r
528STATIC\r
529VOID\r
530DisableReadOnlyPageWriteProtect (\r
531 VOID\r
532 )\r
533{\r
534 AsmWriteCr0 (AsmReadCr0() & ~BIT16);\r
535}\r
536\r
537/**\r
538 Enable Write Protect on pages marked as read-only.\r
539**/\r
540VOID\r
541EnableReadOnlyPageWriteProtect (\r
542 VOID\r
543 )\r
544{\r
545 AsmWriteCr0 (AsmReadCr0() | BIT16);\r
546}\r
547\r
548\r
a1f22614 549/**\r
4bd6bf31 550 This function either sets or clears memory encryption bit for the memory\r
cde8c568 551 region specified by PhysicalAddress and Length from the current page table\r
4bd6bf31 552 context.\r
a1f22614 553\r
cde8c568 554 The function iterates through the PhysicalAddress one page at a time, and set\r
a1f22614
BS		 555 or clears the memory encryption mask in the page table. If it encounters\r
556 that a given physical address range is part of large page then it attempts to\r
557 change the attribute at one go (based on size), otherwise it splits the\r
558 large pages into smaller (e.g 2M page into 4K pages) and then try to set or\r
559 clear the encryption bit on the smallest page size.\r
560\r
cde8c568
LE		 561 @param[in] Cr3BaseAddress Cr3 Base Address (if zero then use\r
562 current CR3)\r
a1f22614
BS		 563 @param[in] PhysicalAddress The physical address that is the start\r
564 address of a memory region.\r
565 @param[in] Length The length of memory region\r
566 @param[in] Mode Set or Clear mode\r
cde8c568 567 @param[in] CacheFlush Flush the caches before applying the\r
a1f22614
BS		 568 encryption mask\r
569\r
4bd6bf31
LE		 570 @retval RETURN_SUCCESS The attributes were cleared for the\r
571 memory region.\r
a1f22614 572 @retval RETURN_INVALID_PARAMETER Number of pages is zero.\r
4bd6bf31
LE		 573 @retval RETURN_UNSUPPORTED Setting the memory encyrption attribute\r
574 is not supported\r
a1f22614
BS		 575**/\r
576\r
577STATIC\r
578RETURN_STATUS\r
579EFIAPI\r
580SetMemoryEncDec (\r
581 IN PHYSICAL_ADDRESS Cr3BaseAddress,\r
582 IN PHYSICAL_ADDRESS PhysicalAddress,\r
583 IN UINTN Length,\r
584 IN MAP_RANGE_MODE Mode,\r
585 IN BOOLEAN CacheFlush\r
586 )\r
587{\r
588 PAGE_MAP_AND_DIRECTORY_POINTER *PageMapLevel4Entry;\r
589 PAGE_MAP_AND_DIRECTORY_POINTER *PageUpperDirectoryPointerEntry;\r
590 PAGE_MAP_AND_DIRECTORY_POINTER *PageDirectoryPointerEntry;\r
591 PAGE_TABLE_1G_ENTRY *PageDirectory1GEntry;\r
592 PAGE_TABLE_ENTRY *PageDirectory2MEntry;\r
593 PAGE_TABLE_4K_ENTRY *PageTableEntry;\r
594 UINT64 PgTableMask;\r
595 UINT64 AddressEncMask;\r
b721aa74
BS		 596 BOOLEAN IsWpEnabled;\r
597 RETURN_STATUS Status;\r
a1f22614 598\r
699a2c30
DB		 599 //\r
600 // Set PageMapLevel4Entry to suppress incorrect compiler/analyzer warnings.\r
601 //\r
602 PageMapLevel4Entry = NULL;\r
603\r
70063aec
LE		 604 DEBUG ((\r
605 DEBUG_VERBOSE,\r
606 "%a:%a: Cr3Base=0x%Lx Physical=0x%Lx Length=0x%Lx Mode=%a CacheFlush=%u\n",\r
607 gEfiCallerBaseName,\r
608 __FUNCTION__,\r
609 Cr3BaseAddress,\r
610 PhysicalAddress,\r
611 (UINT64)Length,\r
612 (Mode == SetCBit) ? "Encrypt" : "Decrypt",\r
613 (UINT32)CacheFlush\r
614 ));\r
615\r
a1f22614
BS		 616 //\r
617 // Check if we have a valid memory encryption mask\r
618 //\r
619 AddressEncMask = GetMemEncryptionAddressMask ();\r
620 if (!AddressEncMask) {\r
621 return RETURN_ACCESS_DENIED;\r
622 }\r
623\r
624 PgTableMask = AddressEncMask | EFI_PAGE_MASK;\r
625\r
626 if (Length == 0) {\r
627 return RETURN_INVALID_PARAMETER;\r
628 }\r
629\r
630 //\r
631 // We are going to change the memory encryption attribute from C=0 -> C=1 or\r
4bd6bf31
LE		 632 // vice versa Flush the caches to ensure that data is written into memory\r
633 // with correct C-bit\r
a1f22614
BS		 634 //\r
635 if (CacheFlush) {\r
636 WriteBackInvalidateDataCacheRange((VOID*) (UINTN)PhysicalAddress, Length);\r
637 }\r
638\r
b721aa74
BS		 639 //\r
640 // Make sure that the page table is changeable.\r
641 //\r
642 IsWpEnabled = IsReadOnlyPageWriteProtected ();\r
643 if (IsWpEnabled) {\r
644 DisableReadOnlyPageWriteProtect ();\r
645 }\r
646\r
647 Status = EFI_SUCCESS;\r
648\r
a1f22614
BS		 649 while (Length)\r
650 {\r
651 //\r
652 // If Cr3BaseAddress is not specified then read the current CR3\r
653 //\r
654 if (Cr3BaseAddress == 0) {\r
655 Cr3BaseAddress = AsmReadCr3();\r
656 }\r
657\r
658 PageMapLevel4Entry = (VOID*) (Cr3BaseAddress & ~PgTableMask);\r
659 PageMapLevel4Entry += PML4_OFFSET(PhysicalAddress);\r
660 if (!PageMapLevel4Entry->Bits.Present) {\r
6692af92 661 DEBUG ((\r
3728ea5a
LE		 662 DEBUG_ERROR,\r
663 "%a:%a: bad PML4 for Physical=0x%Lx\n",\r
6692af92
LE		 664 gEfiCallerBaseName,\r
665 __FUNCTION__,\r
666 PhysicalAddress\r
667 ));\r
b721aa74
BS		 668 Status = RETURN_NO_MAPPING;\r
669 goto Done;\r
a1f22614
BS		 670 }\r
671\r
4bd6bf31
LE		 672 PageDirectory1GEntry = (VOID *)(\r
673 (PageMapLevel4Entry->Bits.PageTableBaseAddress <<\r
674 12) & ~PgTableMask\r
675 );\r
a1f22614
BS		 676 PageDirectory1GEntry += PDP_OFFSET(PhysicalAddress);\r
677 if (!PageDirectory1GEntry->Bits.Present) {\r
6692af92 678 DEBUG ((\r
3728ea5a
LE		 679 DEBUG_ERROR,\r
680 "%a:%a: bad PDPE for Physical=0x%Lx\n",\r
6692af92
LE		 681 gEfiCallerBaseName,\r
682 __FUNCTION__,\r
683 PhysicalAddress\r
684 ));\r
b721aa74
BS		 685 Status = RETURN_NO_MAPPING;\r
686 goto Done;\r
a1f22614
BS		 687 }\r
688\r
689 //\r
690 // If the MustBe1 bit is not 1, it's not actually a 1GB entry\r
691 //\r
692 if (PageDirectory1GEntry->Bits.MustBe1) {\r
693 //\r
694 // Valid 1GB page\r
695 // If we have at least 1GB to go, we can just update this entry\r
696 //\r
697 if (!(PhysicalAddress & (BIT30 - 1)) && Length >= BIT30) {\r
698 SetOrClearCBit(&PageDirectory1GEntry->Uint64, Mode);\r
6692af92
LE		 699 DEBUG ((\r
700 DEBUG_VERBOSE,\r
5597edfa 701 "%a:%a: updated 1GB entry for Physical=0x%Lx\n",\r
6692af92
LE		 702 gEfiCallerBaseName,\r
703 __FUNCTION__,\r
704 PhysicalAddress\r
705 ));\r
a1f22614
BS		 706 PhysicalAddress += BIT30;\r
707 Length -= BIT30;\r
708 } else {\r
709 //\r
710 // We must split the page\r
711 //\r
6692af92
LE		 712 DEBUG ((\r
713 DEBUG_VERBOSE,\r
d8d33741 714 "%a:%a: splitting 1GB page for Physical=0x%Lx\n",\r
6692af92 715 gEfiCallerBaseName,\r
631bd7e0
LE		 716 __FUNCTION__,\r
717 PhysicalAddress\r
6692af92 718 ));\r
4bd6bf31
LE		 719 Split1GPageTo2M (\r
720 (UINT64)PageDirectory1GEntry->Bits.PageTableBaseAddress << 30,\r
721 (UINT64 *)PageDirectory1GEntry,\r
722 0,\r
723 0\r
724 );\r
a1f22614
BS		 725 continue;\r
726 }\r
727 } else {\r
728 //\r
729 // Actually a PDP\r
730 //\r
4bd6bf31
LE		 731 PageUpperDirectoryPointerEntry =\r
732 (PAGE_MAP_AND_DIRECTORY_POINTER *)PageDirectory1GEntry;\r
733 PageDirectory2MEntry =\r
734 (VOID *)(\r
735 (PageUpperDirectoryPointerEntry->Bits.PageTableBaseAddress <<\r
736 12) & ~PgTableMask\r
737 );\r
a1f22614
BS		 738 PageDirectory2MEntry += PDE_OFFSET(PhysicalAddress);\r
739 if (!PageDirectory2MEntry->Bits.Present) {\r
6692af92 740 DEBUG ((\r
3728ea5a
LE		 741 DEBUG_ERROR,\r
742 "%a:%a: bad PDE for Physical=0x%Lx\n",\r
6692af92
LE		 743 gEfiCallerBaseName,\r
744 __FUNCTION__,\r
745 PhysicalAddress\r
746 ));\r
b721aa74
BS		 747 Status = RETURN_NO_MAPPING;\r
748 goto Done;\r
a1f22614
BS		 749 }\r
750 //\r
751 // If the MustBe1 bit is not a 1, it's not a 2MB entry\r
752 //\r
753 if (PageDirectory2MEntry->Bits.MustBe1) {\r
754 //\r
755 // Valid 2MB page\r
756 // If we have at least 2MB left to go, we can just update this entry\r
757 //\r
758 if (!(PhysicalAddress & (BIT21-1)) && Length >= BIT21) {\r
759 SetOrClearCBit (&PageDirectory2MEntry->Uint64, Mode);\r
760 PhysicalAddress += BIT21;\r
761 Length -= BIT21;\r
762 } else {\r
763 //\r
764 // We must split up this page into 4K pages\r
765 //\r
6692af92
LE		 766 DEBUG ((\r
767 DEBUG_VERBOSE,\r
d8d33741 768 "%a:%a: splitting 2MB page for Physical=0x%Lx\n",\r
6692af92
LE		 769 gEfiCallerBaseName,\r
770 __FUNCTION__,\r
771 PhysicalAddress\r
772 ));\r
4bd6bf31
LE		 773 Split2MPageTo4K (\r
774 (UINT64)PageDirectory2MEntry->Bits.PageTableBaseAddress << 21,\r
775 (UINT64 *)PageDirectory2MEntry,\r
776 0,\r
777 0\r
778 );\r
a1f22614
BS		 779 continue;\r
780 }\r
781 } else {\r
4bd6bf31
LE		 782 PageDirectoryPointerEntry =\r
783 (PAGE_MAP_AND_DIRECTORY_POINTER *)PageDirectory2MEntry;\r
784 PageTableEntry =\r
785 (VOID *)(\r
786 (PageDirectoryPointerEntry->Bits.PageTableBaseAddress <<\r
787 12) & ~PgTableMask\r
788 );\r
a1f22614
BS		 789 PageTableEntry += PTE_OFFSET(PhysicalAddress);\r
790 if (!PageTableEntry->Bits.Present) {\r
6692af92 791 DEBUG ((\r
3728ea5a
LE		 792 DEBUG_ERROR,\r
793 "%a:%a: bad PTE for Physical=0x%Lx\n",\r
6692af92
LE		 794 gEfiCallerBaseName,\r
795 __FUNCTION__,\r
796 PhysicalAddress\r
797 ));\r
b721aa74
BS		 798 Status = RETURN_NO_MAPPING;\r
799 goto Done;\r
a1f22614
BS		 800 }\r
801 SetOrClearCBit (&PageTableEntry->Uint64, Mode);\r
802 PhysicalAddress += EFI_PAGE_SIZE;\r
803 Length -= EFI_PAGE_SIZE;\r
804 }\r
805 }\r
806 }\r
807\r
b721aa74
BS		 808 //\r
809 // Protect the page table by marking the memory used for page table to be\r
810 // read-only.\r
811 //\r
812 if (IsWpEnabled) {\r
813 EnablePageTableProtection ((UINTN)PageMapLevel4Entry, TRUE);\r
814 }\r
815\r
a1f22614
BS		 816 //\r
817 // Flush TLB\r
818 //\r
819 CpuFlushTlb();\r
820\r
b721aa74
BS		 821Done:\r
822 //\r
823 // Restore page table write protection, if any.\r
824 //\r
825 if (IsWpEnabled) {\r
826 EnableReadOnlyPageWriteProtect ();\r
827 }\r
828\r
829 return Status;\r
a1f22614
BS		 830}\r
831\r
832/**\r
833 This function clears memory encryption bit for the memory region specified by\r
1532e5d5 834 PhysicalAddress and Length from the current page table context.\r
a1f22614 835\r
1532e5d5
LE		 836 @param[in] Cr3BaseAddress Cr3 Base Address (if zero then use\r
837 current CR3)\r
a1f22614
BS		 838 @param[in] PhysicalAddress The physical address that is the start\r
839 address of a memory region.\r
840 @param[in] Length The length of memory region\r
841 @param[in] Flush Flush the caches before applying the\r
842 encryption mask\r
843\r
4bd6bf31
LE		 844 @retval RETURN_SUCCESS The attributes were cleared for the\r
845 memory region.\r
a1f22614 846 @retval RETURN_INVALID_PARAMETER Number of pages is zero.\r
1532e5d5 847 @retval RETURN_UNSUPPORTED Clearing the memory encyrption attribute\r
4bd6bf31 848 is not supported\r
a1f22614
BS		 849**/\r
850RETURN_STATUS\r
851EFIAPI\r
852InternalMemEncryptSevSetMemoryDecrypted (\r
853 IN PHYSICAL_ADDRESS Cr3BaseAddress,\r
854 IN PHYSICAL_ADDRESS PhysicalAddress,\r
855 IN UINTN Length,\r
856 IN BOOLEAN Flush\r
857 )\r
858{\r
859\r
4bd6bf31
LE		 860 return SetMemoryEncDec (\r
861 Cr3BaseAddress,\r
862 PhysicalAddress,\r
863 Length,\r
864 ClearCBit,\r
865 Flush\r
866 );\r
a1f22614
BS		 867}\r
868\r
869/**\r
870 This function sets memory encryption bit for the memory region specified by\r
68e60a38 871 PhysicalAddress and Length from the current page table context.\r
a1f22614 872\r
68e60a38
LE		 873 @param[in] Cr3BaseAddress Cr3 Base Address (if zero then use\r
874 current CR3)\r
4bd6bf31
LE		 875 @param[in] PhysicalAddress The physical address that is the start\r
876 address of a memory region.\r
a1f22614
BS		 877 @param[in] Length The length of memory region\r
878 @param[in] Flush Flush the caches before applying the\r
879 encryption mask\r
880\r
68e60a38
LE		 881 @retval RETURN_SUCCESS The attributes were set for the memory\r
882 region.\r
a1f22614 883 @retval RETURN_INVALID_PARAMETER Number of pages is zero.\r
4bd6bf31
LE		 884 @retval RETURN_UNSUPPORTED Setting the memory encyrption attribute\r
885 is not supported\r
a1f22614
BS		 886**/\r
887RETURN_STATUS\r
888EFIAPI\r
889InternalMemEncryptSevSetMemoryEncrypted (\r
890 IN PHYSICAL_ADDRESS Cr3BaseAddress,\r
891 IN PHYSICAL_ADDRESS PhysicalAddress,\r
892 IN UINTN Length,\r
893 IN BOOLEAN Flush\r
894 )\r
895{\r
4bd6bf31
LE		 896 return SetMemoryEncDec (\r
897 Cr3BaseAddress,\r
898 PhysicalAddress,\r
899 Length,\r
900 SetCBit,\r
901 Flush\r
902 );\r
a1f22614 903}\r
EFI Development Kit II mirror for PVE