]> git.proxmox.com Git - mirror_edk2.git/blob - OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiDxeVirtualMemory.c
projects / mirror_edk2.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
OvmfPkg: Apply uncrustify changes
[mirror_edk2.git] / OvmfPkg / Library / BaseMemEncryptSevLib / X64 / PeiDxeVirtualMemory.c
1 /** @file
2
3 Virtual Memory Management Services to set or clear the memory encryption bit
4
5 Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.<BR>
6 Copyright (c) 2017 - 2020, AMD Incorporated. All rights reserved.<BR>
7
8 SPDX-License-Identifier: BSD-2-Clause-Patent
9
10 Code is derived from MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c
11
12 **/
13
14 #include <Library/CpuLib.h>
15 #include <Library/MemEncryptSevLib.h>
16 #include <Register/Amd/Cpuid.h>
17 #include <Register/Cpuid.h>
18
19 #include "VirtualMemory.h"
20
21 STATIC BOOLEAN mAddressEncMaskChecked = FALSE;
22 STATIC UINT64 mAddressEncMask;
23 STATIC PAGE_TABLE_POOL *mPageTablePool = NULL;
24
25 typedef enum {
26 SetCBit,
27 ClearCBit
28 } MAP_RANGE_MODE;
29
30 /**
31 Return the pagetable memory encryption mask.
32
33 @return The pagetable memory encryption mask.
34
35 **/
36 UINT64
37 EFIAPI
38 InternalGetMemEncryptionAddressMask (
39 VOID
40 )
41 {
42 UINT64 EncryptionMask;
43
44 if (mAddressEncMaskChecked) {
45 return mAddressEncMask;
46 }
47
48 EncryptionMask = MemEncryptSevGetEncryptionMask ();
49
50 mAddressEncMask = EncryptionMask & PAGING_1G_ADDRESS_MASK_64;
51 mAddressEncMaskChecked = TRUE;
52
53 return mAddressEncMask;
54 }
55
56 /**
57 Initialize a buffer pool for page table use only.
58
59 To reduce the potential split operation on page table, the pages reserved for
60 page table should be allocated in the times of PAGE_TABLE_POOL_UNIT_PAGES and
61 at the boundary of PAGE_TABLE_POOL_ALIGNMENT. So the page pool is always
62 initialized with number of pages greater than or equal to the given
63 PoolPages.
64
65 Once the pages in the pool are used up, this method should be called again to
66 reserve at least another PAGE_TABLE_POOL_UNIT_PAGES. Usually this won't
67 happen often in practice.
68
69 @param[in] PoolPages The least page number of the pool to be created.
70
71 @retval TRUE The pool is initialized successfully.
72 @retval FALSE The memory is out of resource.
73 **/
74 STATIC
75 BOOLEAN
76 InitializePageTablePool (
77 IN UINTN PoolPages
78 )
79 {
80 VOID *Buffer;
81
82 //
83 // Always reserve at least PAGE_TABLE_POOL_UNIT_PAGES, including one page for
84 // header.
85 //
86 PoolPages += 1; // Add one page for header.
87 PoolPages = ((PoolPages - 1) / PAGE_TABLE_POOL_UNIT_PAGES + 1) *
88 PAGE_TABLE_POOL_UNIT_PAGES;
89 Buffer = AllocateAlignedPages (PoolPages, PAGE_TABLE_POOL_ALIGNMENT);
90 if (Buffer == NULL) {
91 DEBUG ((DEBUG_ERROR, "ERROR: Out of aligned pages\r\n"));
92 return FALSE;
93 }
94
95 //
96 // Link all pools into a list for easier track later.
97 //
98 if (mPageTablePool == NULL) {
99 mPageTablePool = Buffer;
100 mPageTablePool->NextPool = mPageTablePool;
101 } else {
102 ((PAGE_TABLE_POOL *)Buffer)->NextPool = mPageTablePool->NextPool;
103 mPageTablePool->NextPool = Buffer;
104 mPageTablePool = Buffer;
105 }
106
107 //
108 // Reserve one page for pool header.
109 //
110 mPageTablePool->FreePages = PoolPages - 1;
111 mPageTablePool->Offset = EFI_PAGES_TO_SIZE (1);
112
113 return TRUE;
114 }
115
116 /**
117 This API provides a way to allocate memory for page table.
118
119 This API can be called more than once to allocate memory for page tables.
120
121 Allocates the number of 4KB pages and returns a pointer to the allocated
122 buffer. The buffer returned is aligned on a 4KB boundary.
123
124 If Pages is 0, then NULL is returned.
125 If there is not enough memory remaining to satisfy the request, then NULL is
126 returned.
127
128 @param Pages The number of 4 KB pages to allocate.
129
130 @return A pointer to the allocated buffer or NULL if allocation fails.
131
132 **/
133 STATIC
134 VOID *
135 EFIAPI
136 AllocatePageTableMemory (
137 IN UINTN Pages
138 )
139 {
140 VOID *Buffer;
141
142 if (Pages == 0) {
143 return NULL;
144 }
145
146 //
147 // Renew the pool if necessary.
148 //
149 if ((mPageTablePool == NULL) ||
150 (Pages > mPageTablePool->FreePages))
151 {
152 if (!InitializePageTablePool (Pages)) {
153 return NULL;
154 }
155 }
156
157 Buffer = (UINT8 *)mPageTablePool + mPageTablePool->Offset;
158
159 mPageTablePool->Offset += EFI_PAGES_TO_SIZE (Pages);
160 mPageTablePool->FreePages -= Pages;
161
162 DEBUG ((
163 DEBUG_VERBOSE,
164 "%a:%a: Buffer=0x%Lx Pages=%ld\n",
165 gEfiCallerBaseName,
166 __FUNCTION__,
167 Buffer,
168 Pages
169 ));
170
171 return Buffer;
172 }
173
174 /**
175 Split 2M page to 4K.
176
177 @param[in] PhysicalAddress Start physical address the 2M page
178 covered.
179 @param[in, out] PageEntry2M Pointer to 2M page entry.
180 @param[in] StackBase Stack base address.
181 @param[in] StackSize Stack size.
182
183 **/
184 STATIC
185 VOID
186 Split2MPageTo4K (
187 IN PHYSICAL_ADDRESS PhysicalAddress,
188 IN OUT UINT64 *PageEntry2M,
189 IN PHYSICAL_ADDRESS StackBase,
190 IN UINTN StackSize
191 )
192 {
193 PHYSICAL_ADDRESS PhysicalAddress4K;
194 UINTN IndexOfPageTableEntries;
195 PAGE_TABLE_4K_ENTRY *PageTableEntry;
196 PAGE_TABLE_4K_ENTRY *PageTableEntry1;
197 UINT64 AddressEncMask;
198
199 PageTableEntry = AllocatePageTableMemory (1);
200
201 PageTableEntry1 = PageTableEntry;
202
203 AddressEncMask = InternalGetMemEncryptionAddressMask ();
204
205 ASSERT (PageTableEntry != NULL);
206 ASSERT (*PageEntry2M & AddressEncMask);
207
208 PhysicalAddress4K = PhysicalAddress;
209 for (IndexOfPageTableEntries = 0;
210 IndexOfPageTableEntries < 512;
211 (IndexOfPageTableEntries++,
212 PageTableEntry++,
213 PhysicalAddress4K += SIZE_4KB))
214 {
215 //
216 // Fill in the Page Table entries
217 //
218 PageTableEntry->Uint64 = (UINT64)PhysicalAddress4K | AddressEncMask;
219 PageTableEntry->Bits.ReadWrite = 1;
220 PageTableEntry->Bits.Present = 1;
221 if ((PhysicalAddress4K >= StackBase) &&
222 (PhysicalAddress4K < StackBase + StackSize))
223 {
224 //
225 // Set Nx bit for stack.
226 //
227 PageTableEntry->Bits.Nx = 1;
228 }
229 }
230
231 //
232 // Fill in 2M page entry.
233 //
234 *PageEntry2M = ((UINT64)(UINTN)PageTableEntry1 |
235 IA32_PG_P | IA32_PG_RW | AddressEncMask);
236 }
237
238 /**
239 Set one page of page table pool memory to be read-only.
240
241 @param[in] PageTableBase Base address of page table (CR3).
242 @param[in] Address Start address of a page to be set as read-only.
243 @param[in] Level4Paging Level 4 paging flag.
244
245 **/
246 STATIC
247 VOID
248 SetPageTablePoolReadOnly (
249 IN UINTN PageTableBase,
250 IN EFI_PHYSICAL_ADDRESS Address,
251 IN BOOLEAN Level4Paging
252 )
253 {
254 UINTN Index;
255 UINTN EntryIndex;
256 UINT64 AddressEncMask;
257 EFI_PHYSICAL_ADDRESS PhysicalAddress;
258 UINT64 *PageTable;
259 UINT64 *NewPageTable;
260 UINT64 PageAttr;
261 UINT64 LevelSize[5];
262 UINT64 LevelMask[5];
263 UINTN LevelShift[5];
264 UINTN Level;
265 UINT64 PoolUnitSize;
266
267 ASSERT (PageTableBase != 0);
268
269 //
270 // Since the page table is always from page table pool, which is always
271 // located at the boundary of PcdPageTablePoolAlignment, we just need to
272 // set the whole pool unit to be read-only.
273 //
274 Address = Address & PAGE_TABLE_POOL_ALIGN_MASK;
275
276 LevelShift[1] = PAGING_L1_ADDRESS_SHIFT;
277 LevelShift[2] = PAGING_L2_ADDRESS_SHIFT;
278 LevelShift[3] = PAGING_L3_ADDRESS_SHIFT;
279 LevelShift[4] = PAGING_L4_ADDRESS_SHIFT;
280
281 LevelMask[1] = PAGING_4K_ADDRESS_MASK_64;
282 LevelMask[2] = PAGING_2M_ADDRESS_MASK_64;
283 LevelMask[3] = PAGING_1G_ADDRESS_MASK_64;
284 LevelMask[4] = PAGING_1G_ADDRESS_MASK_64;
285
286 LevelSize[1] = SIZE_4KB;
287 LevelSize[2] = SIZE_2MB;
288 LevelSize[3] = SIZE_1GB;
289 LevelSize[4] = SIZE_512GB;
290
291 AddressEncMask = InternalGetMemEncryptionAddressMask ();
292 PageTable = (UINT64 *)(UINTN)PageTableBase;
293 PoolUnitSize = PAGE_TABLE_POOL_UNIT_SIZE;
294
295 for (Level = (Level4Paging) ? 4 : 3; Level > 0; --Level) {
296 Index = ((UINTN)RShiftU64 (Address, LevelShift[Level]));
297 Index &= PAGING_PAE_INDEX_MASK;
298
299 PageAttr = PageTable[Index];
300 if ((PageAttr & IA32_PG_PS) == 0) {
301 //
302 // Go to next level of table.
303 //
304 PageTable = (UINT64 *)(UINTN)(PageAttr & ~AddressEncMask &
305 PAGING_4K_ADDRESS_MASK_64);
306 continue;
307 }
308
309 if (PoolUnitSize >= LevelSize[Level]) {
310 //
311 // Clear R/W bit if current page granularity is not larger than pool unit
312 // size.
313 //
314 if ((PageAttr & IA32_PG_RW) != 0) {
315 while (PoolUnitSize > 0) {
316 //
317 // PAGE_TABLE_POOL_UNIT_SIZE and PAGE_TABLE_POOL_ALIGNMENT are fit in
318 // one page (2MB). Then we don't need to update attributes for pages
319 // crossing page directory. ASSERT below is for that purpose.
320 //
321 ASSERT (Index < EFI_PAGE_SIZE/sizeof (UINT64));
322
323 PageTable[Index] &= ~(UINT64)IA32_PG_RW;
324 PoolUnitSize -= LevelSize[Level];
325
326 ++Index;
327 }
328 }
329
330 break;
331 } else {
332 //
333 // The smaller granularity of page must be needed.
334 //
335 ASSERT (Level > 1);
336
337 NewPageTable = AllocatePageTableMemory (1);
338 ASSERT (NewPageTable != NULL);
339
340 PhysicalAddress = PageAttr & LevelMask[Level];
341 for (EntryIndex = 0;
342 EntryIndex < EFI_PAGE_SIZE/sizeof (UINT64);
343 ++EntryIndex)
344 {
345 NewPageTable[EntryIndex] = PhysicalAddress | AddressEncMask |
346 IA32_PG_P | IA32_PG_RW;
347 if (Level > 2) {
348 NewPageTable[EntryIndex] |= IA32_PG_PS;
349 }
350
351 PhysicalAddress += LevelSize[Level - 1];
352 }
353
354 PageTable[Index] = (UINT64)(UINTN)NewPageTable | AddressEncMask |
355 IA32_PG_P | IA32_PG_RW;
356 PageTable = NewPageTable;
357 }
358 }
359 }
360
361 /**
362 Prevent the memory pages used for page table from been overwritten.
363
364 @param[in] PageTableBase Base address of page table (CR3).
365 @param[in] Level4Paging Level 4 paging flag.
366
367 **/
368 STATIC
369 VOID
370 EnablePageTableProtection (
371 IN UINTN PageTableBase,
372 IN BOOLEAN Level4Paging
373 )
374 {
375 PAGE_TABLE_POOL *HeadPool;
376 PAGE_TABLE_POOL *Pool;
377 UINT64 PoolSize;
378 EFI_PHYSICAL_ADDRESS Address;
379
380 if (mPageTablePool == NULL) {
381 return;
382 }
383
384 //
385 // SetPageTablePoolReadOnly might update mPageTablePool. It's safer to
386 // remember original one in advance.
387 //
388 HeadPool = mPageTablePool;
389 Pool = HeadPool;
390 do {
391 Address = (EFI_PHYSICAL_ADDRESS)(UINTN)Pool;
392 PoolSize = Pool->Offset + EFI_PAGES_TO_SIZE (Pool->FreePages);
393
394 //
395 // The size of one pool must be multiple of PAGE_TABLE_POOL_UNIT_SIZE,
396 // which is one of page size of the processor (2MB by default). Let's apply
397 // the protection to them one by one.
398 //
399 while (PoolSize > 0) {
400 SetPageTablePoolReadOnly (PageTableBase, Address, Level4Paging);
401 Address += PAGE_TABLE_POOL_UNIT_SIZE;
402 PoolSize -= PAGE_TABLE_POOL_UNIT_SIZE;
403 }
404
405 Pool = Pool->NextPool;
406 } while (Pool != HeadPool);
407 }
408
409 /**
410 Split 1G page to 2M.
411
412 @param[in] PhysicalAddress Start physical address the 1G page
413 covered.
414 @param[in, out] PageEntry1G Pointer to 1G page entry.
415 @param[in] StackBase Stack base address.
416 @param[in] StackSize Stack size.
417
418 **/
419 STATIC
420 VOID
421 Split1GPageTo2M (
422 IN PHYSICAL_ADDRESS PhysicalAddress,
423 IN OUT UINT64 *PageEntry1G,
424 IN PHYSICAL_ADDRESS StackBase,
425 IN UINTN StackSize
426 )
427 {
428 PHYSICAL_ADDRESS PhysicalAddress2M;
429 UINTN IndexOfPageDirectoryEntries;
430 PAGE_TABLE_ENTRY *PageDirectoryEntry;
431 UINT64 AddressEncMask;
432
433 PageDirectoryEntry = AllocatePageTableMemory (1);
434
435 AddressEncMask = InternalGetMemEncryptionAddressMask ();
436 ASSERT (PageDirectoryEntry != NULL);
437 ASSERT (*PageEntry1G & AddressEncMask);
438 //
439 // Fill in 1G page entry.
440 //
441 *PageEntry1G = ((UINT64)(UINTN)PageDirectoryEntry |
442 IA32_PG_P | IA32_PG_RW | AddressEncMask);
443
444 PhysicalAddress2M = PhysicalAddress;
445 for (IndexOfPageDirectoryEntries = 0;
446 IndexOfPageDirectoryEntries < 512;
447 (IndexOfPageDirectoryEntries++,
448 PageDirectoryEntry++,
449 PhysicalAddress2M += SIZE_2MB))
450 {
451 if ((PhysicalAddress2M < StackBase + StackSize) &&
452 ((PhysicalAddress2M + SIZE_2MB) > StackBase))
453 {
454 //
455 // Need to split this 2M page that covers stack range.
456 //
457 Split2MPageTo4K (
458 PhysicalAddress2M,
459 (UINT64 *)PageDirectoryEntry,
460 StackBase,
461 StackSize
462 );
463 } else {
464 //
465 // Fill in the Page Directory entries
466 //
467 PageDirectoryEntry->Uint64 = (UINT64)PhysicalAddress2M | AddressEncMask;
468 PageDirectoryEntry->Bits.ReadWrite = 1;
469 PageDirectoryEntry->Bits.Present = 1;
470 PageDirectoryEntry->Bits.MustBe1 = 1;
471 }
472 }
473 }
474
475 /**
476 Set or Clear the memory encryption bit
477
478 @param[in, out] PageTablePointer Page table entry pointer (PTE).
479 @param[in] Mode Set or Clear encryption bit
480
481 **/
482 STATIC VOID
483 SetOrClearCBit (
484 IN OUT UINT64 *PageTablePointer,
485 IN MAP_RANGE_MODE Mode
486 )
487 {
488 UINT64 AddressEncMask;
489
490 AddressEncMask = InternalGetMemEncryptionAddressMask ();
491
492 if (Mode == SetCBit) {
493 *PageTablePointer |= AddressEncMask;
494 } else {
495 *PageTablePointer &= ~AddressEncMask;
496 }
497 }
498
499 /**
500 Check the WP status in CR0 register. This bit is used to lock or unlock write
501 access to pages marked as read-only.
502
503 @retval TRUE Write protection is enabled.
504 @retval FALSE Write protection is disabled.
505 **/
506 STATIC
507 BOOLEAN
508 IsReadOnlyPageWriteProtected (
509 VOID
510 )
511 {
512 return ((AsmReadCr0 () & BIT16) != 0);
513 }
514
515 /**
516 Disable Write Protect on pages marked as read-only.
517 **/
518 STATIC
519 VOID
520 DisableReadOnlyPageWriteProtect (
521 VOID
522 )
523 {
524 AsmWriteCr0 (AsmReadCr0 () & ~BIT16);
525 }
526
527 /**
528 Enable Write Protect on pages marked as read-only.
529 **/
530 STATIC
531 VOID
532 EnableReadOnlyPageWriteProtect (
533 VOID
534 )
535 {
536 AsmWriteCr0 (AsmReadCr0 () | BIT16);
537 }
538
539 /**
540 This function either sets or clears memory encryption bit for the memory
541 region specified by PhysicalAddress and Length from the current page table
542 context.
543
544 The function iterates through the PhysicalAddress one page at a time, and set
545 or clears the memory encryption mask in the page table. If it encounters
546 that a given physical address range is part of large page then it attempts to
547 change the attribute at one go (based on size), otherwise it splits the
548 large pages into smaller (e.g 2M page into 4K pages) and then try to set or
549 clear the encryption bit on the smallest page size.
550
551 @param[in] Cr3BaseAddress Cr3 Base Address (if zero then use
552 current CR3)
553 @param[in] PhysicalAddress The physical address that is the start
554 address of a memory region.
555 @param[in] Length The length of memory region
556 @param[in] Mode Set or Clear mode
557 @param[in] CacheFlush Flush the caches before applying the
558 encryption mask
559
560 @retval RETURN_SUCCESS The attributes were cleared for the
561 memory region.
562 @retval RETURN_INVALID_PARAMETER Number of pages is zero.
563 @retval RETURN_UNSUPPORTED Setting the memory encyrption attribute
564 is not supported
565 **/
566 STATIC
567 RETURN_STATUS
568 EFIAPI
569 SetMemoryEncDec (
570 IN PHYSICAL_ADDRESS Cr3BaseAddress,
571 IN PHYSICAL_ADDRESS PhysicalAddress,
572 IN UINTN Length,
573 IN MAP_RANGE_MODE Mode,
574 IN BOOLEAN CacheFlush
575 )
576 {
577 PAGE_MAP_AND_DIRECTORY_POINTER *PageMapLevel4Entry;
578 PAGE_MAP_AND_DIRECTORY_POINTER *PageUpperDirectoryPointerEntry;
579 PAGE_MAP_AND_DIRECTORY_POINTER *PageDirectoryPointerEntry;
580 PAGE_TABLE_1G_ENTRY *PageDirectory1GEntry;
581 PAGE_TABLE_ENTRY *PageDirectory2MEntry;
582 PAGE_TABLE_4K_ENTRY *PageTableEntry;
583 UINT64 PgTableMask;
584 UINT64 AddressEncMask;
585 BOOLEAN IsWpEnabled;
586 RETURN_STATUS Status;
587
588 //
589 // Set PageMapLevel4Entry to suppress incorrect compiler/analyzer warnings.
590 //
591 PageMapLevel4Entry = NULL;
592
593 DEBUG ((
594 DEBUG_VERBOSE,
595 "%a:%a: Cr3Base=0x%Lx Physical=0x%Lx Length=0x%Lx Mode=%a CacheFlush=%u\n",
596 gEfiCallerBaseName,
597 __FUNCTION__,
598 Cr3BaseAddress,
599 PhysicalAddress,
600 (UINT64)Length,
601 (Mode == SetCBit) ? "Encrypt" : "Decrypt",
602 (UINT32)CacheFlush
603 ));
604
605 //
606 // Check if we have a valid memory encryption mask
607 //
608 AddressEncMask = InternalGetMemEncryptionAddressMask ();
609 if (!AddressEncMask) {
610 return RETURN_ACCESS_DENIED;
611 }
612
613 PgTableMask = AddressEncMask | EFI_PAGE_MASK;
614
615 if (Length == 0) {
616 return RETURN_INVALID_PARAMETER;
617 }
618
619 //
620 // We are going to change the memory encryption attribute from C=0 -> C=1 or
621 // vice versa Flush the caches to ensure that data is written into memory
622 // with correct C-bit
623 //
624 if (CacheFlush) {
625 WriteBackInvalidateDataCacheRange ((VOID *)(UINTN)PhysicalAddress, Length);
626 }
627
628 //
629 // Make sure that the page table is changeable.
630 //
631 IsWpEnabled = IsReadOnlyPageWriteProtected ();
632 if (IsWpEnabled) {
633 DisableReadOnlyPageWriteProtect ();
634 }
635
636 Status = EFI_SUCCESS;
637
638 while (Length != 0) {
639 //
640 // If Cr3BaseAddress is not specified then read the current CR3
641 //
642 if (Cr3BaseAddress == 0) {
643 Cr3BaseAddress = AsmReadCr3 ();
644 }
645
646 PageMapLevel4Entry = (VOID *)(Cr3BaseAddress & ~PgTableMask);
647 PageMapLevel4Entry += PML4_OFFSET (PhysicalAddress);
648 if (!PageMapLevel4Entry->Bits.Present) {
649 DEBUG ((
650 DEBUG_ERROR,
651 "%a:%a: bad PML4 for Physical=0x%Lx\n",
652 gEfiCallerBaseName,
653 __FUNCTION__,
654 PhysicalAddress
655 ));
656 Status = RETURN_NO_MAPPING;
657 goto Done;
658 }
659
660 PageDirectory1GEntry = (VOID *)(
661 (PageMapLevel4Entry->Bits.PageTableBaseAddress <<
662 12) & ~PgTableMask
663 );
664 PageDirectory1GEntry += PDP_OFFSET (PhysicalAddress);
665 if (!PageDirectory1GEntry->Bits.Present) {
666 DEBUG ((
667 DEBUG_ERROR,
668 "%a:%a: bad PDPE for Physical=0x%Lx\n",
669 gEfiCallerBaseName,
670 __FUNCTION__,
671 PhysicalAddress
672 ));
673 Status = RETURN_NO_MAPPING;
674 goto Done;
675 }
676
677 //
678 // If the MustBe1 bit is not 1, it's not actually a 1GB entry
679 //
680 if (PageDirectory1GEntry->Bits.MustBe1) {
681 //
682 // Valid 1GB page
683 // If we have at least 1GB to go, we can just update this entry
684 //
685 if (((PhysicalAddress & (BIT30 - 1)) == 0) && (Length >= BIT30)) {
686 SetOrClearCBit (&PageDirectory1GEntry->Uint64, Mode);
687 DEBUG ((
688 DEBUG_VERBOSE,
689 "%a:%a: updated 1GB entry for Physical=0x%Lx\n",
690 gEfiCallerBaseName,
691 __FUNCTION__,
692 PhysicalAddress
693 ));
694 PhysicalAddress += BIT30;
695 Length -= BIT30;
696 } else {
697 //
698 // We must split the page
699 //
700 DEBUG ((
701 DEBUG_VERBOSE,
702 "%a:%a: splitting 1GB page for Physical=0x%Lx\n",
703 gEfiCallerBaseName,
704 __FUNCTION__,
705 PhysicalAddress
706 ));
707 Split1GPageTo2M (
708 (UINT64)PageDirectory1GEntry->Bits.PageTableBaseAddress << 30,
709 (UINT64 *)PageDirectory1GEntry,
710 0,
711 0
712 );
713 continue;
714 }
715 } else {
716 //
717 // Actually a PDP
718 //
719 PageUpperDirectoryPointerEntry =
720 (PAGE_MAP_AND_DIRECTORY_POINTER *)PageDirectory1GEntry;
721 PageDirectory2MEntry =
722 (VOID *)(
723 (PageUpperDirectoryPointerEntry->Bits.PageTableBaseAddress <<
724 12) & ~PgTableMask
725 );
726 PageDirectory2MEntry += PDE_OFFSET (PhysicalAddress);
727 if (!PageDirectory2MEntry->Bits.Present) {
728 DEBUG ((
729 DEBUG_ERROR,
730 "%a:%a: bad PDE for Physical=0x%Lx\n",
731 gEfiCallerBaseName,
732 __FUNCTION__,
733 PhysicalAddress
734 ));
735 Status = RETURN_NO_MAPPING;
736 goto Done;
737 }
738
739 //
740 // If the MustBe1 bit is not a 1, it's not a 2MB entry
741 //
742 if (PageDirectory2MEntry->Bits.MustBe1) {
743 //
744 // Valid 2MB page
745 // If we have at least 2MB left to go, we can just update this entry
746 //
747 if (((PhysicalAddress & (BIT21-1)) == 0) && (Length >= BIT21)) {
748 SetOrClearCBit (&PageDirectory2MEntry->Uint64, Mode);
749 PhysicalAddress += BIT21;
750 Length -= BIT21;
751 } else {
752 //
753 // We must split up this page into 4K pages
754 //
755 DEBUG ((
756 DEBUG_VERBOSE,
757 "%a:%a: splitting 2MB page for Physical=0x%Lx\n",
758 gEfiCallerBaseName,
759 __FUNCTION__,
760 PhysicalAddress
761 ));
762 Split2MPageTo4K (
763 (UINT64)PageDirectory2MEntry->Bits.PageTableBaseAddress << 21,
764 (UINT64 *)PageDirectory2MEntry,
765 0,
766 0
767 );
768 continue;
769 }
770 } else {
771 PageDirectoryPointerEntry =
772 (PAGE_MAP_AND_DIRECTORY_POINTER *)PageDirectory2MEntry;
773 PageTableEntry =
774 (VOID *)(
775 (PageDirectoryPointerEntry->Bits.PageTableBaseAddress <<
776 12) & ~PgTableMask
777 );
778 PageTableEntry += PTE_OFFSET (PhysicalAddress);
779 if (!PageTableEntry->Bits.Present) {
780 DEBUG ((
781 DEBUG_ERROR,
782 "%a:%a: bad PTE for Physical=0x%Lx\n",
783 gEfiCallerBaseName,
784 __FUNCTION__,
785 PhysicalAddress
786 ));
787 Status = RETURN_NO_MAPPING;
788 goto Done;
789 }
790
791 SetOrClearCBit (&PageTableEntry->Uint64, Mode);
792 PhysicalAddress += EFI_PAGE_SIZE;
793 Length -= EFI_PAGE_SIZE;
794 }
795 }
796 }
797
798 //
799 // Protect the page table by marking the memory used for page table to be
800 // read-only.
801 //
802 if (IsWpEnabled) {
803 EnablePageTableProtection ((UINTN)PageMapLevel4Entry, TRUE);
804 }
805
806 //
807 // Flush TLB
808 //
809 CpuFlushTlb ();
810
811 Done:
812 //
813 // Restore page table write protection, if any.
814 //
815 if (IsWpEnabled) {
816 EnableReadOnlyPageWriteProtect ();
817 }
818
819 return Status;
820 }
821
822 /**
823 This function clears memory encryption bit for the memory region specified by
824 PhysicalAddress and Length from the current page table context.
825
826 @param[in] Cr3BaseAddress Cr3 Base Address (if zero then use
827 current CR3)
828 @param[in] PhysicalAddress The physical address that is the start
829 address of a memory region.
830 @param[in] Length The length of memory region
831
832 @retval RETURN_SUCCESS The attributes were cleared for the
833 memory region.
834 @retval RETURN_INVALID_PARAMETER Number of pages is zero.
835 @retval RETURN_UNSUPPORTED Clearing the memory encyrption attribute
836 is not supported
837 **/
838 RETURN_STATUS
839 EFIAPI
840 InternalMemEncryptSevSetMemoryDecrypted (
841 IN PHYSICAL_ADDRESS Cr3BaseAddress,
842 IN PHYSICAL_ADDRESS PhysicalAddress,
843 IN UINTN Length
844 )
845 {
846 return SetMemoryEncDec (
847 Cr3BaseAddress,
848 PhysicalAddress,
849 Length,
850 ClearCBit,
851 TRUE
852 );
853 }
854
855 /**
856 This function sets memory encryption bit for the memory region specified by
857 PhysicalAddress and Length from the current page table context.
858
859 @param[in] Cr3BaseAddress Cr3 Base Address (if zero then use
860 current CR3)
861 @param[in] PhysicalAddress The physical address that is the start
862 address of a memory region.
863 @param[in] Length The length of memory region
864
865 @retval RETURN_SUCCESS The attributes were set for the memory
866 region.
867 @retval RETURN_INVALID_PARAMETER Number of pages is zero.
868 @retval RETURN_UNSUPPORTED Setting the memory encyrption attribute
869 is not supported
870 **/
871 RETURN_STATUS
872 EFIAPI
873 InternalMemEncryptSevSetMemoryEncrypted (
874 IN PHYSICAL_ADDRESS Cr3BaseAddress,
875 IN PHYSICAL_ADDRESS PhysicalAddress,
876 IN UINTN Length
877 )
878 {
879 return SetMemoryEncDec (
880 Cr3BaseAddress,
881 PhysicalAddress,
882 Length,
883 SetCBit,
884 TRUE
885 );
886 }
887
888 /**
889 This function clears memory encryption bit for the MMIO region specified by
890 PhysicalAddress and Length.
891
892 @param[in] Cr3BaseAddress Cr3 Base Address (if zero then use
893 current CR3)
894 @param[in] PhysicalAddress The physical address that is the start
895 address of a MMIO region.
896 @param[in] Length The length of memory region
897
898 @retval RETURN_SUCCESS The attributes were cleared for the
899 memory region.
900 @retval RETURN_INVALID_PARAMETER Length is zero.
901 @retval RETURN_UNSUPPORTED Clearing the memory encyrption attribute
902 is not supported
903 **/
904 RETURN_STATUS
905 EFIAPI
906 InternalMemEncryptSevClearMmioPageEncMask (
907 IN PHYSICAL_ADDRESS Cr3BaseAddress,
908 IN PHYSICAL_ADDRESS PhysicalAddress,
909 IN UINTN Length
910 )
911 {
912 return SetMemoryEncDec (
913 Cr3BaseAddress,
914 PhysicalAddress,
915 Length,
916 ClearCBit,
917 FALSE
918 );
919 }
EFI Development Kit II mirror for PVE