]> git.proxmox.com Git - mirror_edk2.git/blob - OvmfPkg/Library/BaseMemEncryptSevLib/X64/VirtualMemory.c
projects / mirror_edk2.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
OvmfPkg/BaseMemcryptSevLib: Add SEV helper library
[mirror_edk2.git] / OvmfPkg / Library / BaseMemEncryptSevLib / X64 / VirtualMemory.c
1 /** @file
2
3 Virtual Memory Management Services to set or clear the memory encryption bit
4
5 Copyright (c) 2006 - 2016, Intel Corporation. All rights reserved.<BR>
6 Copyright (c) 2017, AMD Incorporated. All rights reserved.<BR>
7
8 This program and the accompanying materials
9 are licensed and made available under the terms and conditions of the BSD License
10 which accompanies this distribution. The full text of the license may be found at
11 http://opensource.org/licenses/bsd-license.php
12
13 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
14 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
15
16 Code is derived from MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c
17
18 **/
19
20 #include <Library/CpuLib.h>
21 #include <Register/Cpuid.h>
22 #include <Register/Amd/Cpuid.h>
23
24 #include "VirtualMemory.h"
25
26 STATIC BOOLEAN mAddressEncMaskChecked = FALSE;
27 STATIC UINT64 mAddressEncMask;
28
29 typedef enum {
30 SetCBit,
31 ClearCBit
32 } MAP_RANGE_MODE;
33
34 /**
35 Get the memory encryption mask
36
37 @param[out] EncryptionMask contains the pte mask.
38
39 **/
40 STATIC
41 UINT64
42 GetMemEncryptionAddressMask (
43 VOID
44 )
45 {
46 UINT64 EncryptionMask;
47 CPUID_MEMORY_ENCRYPTION_INFO_EBX Ebx;
48
49 if (mAddressEncMaskChecked) {
50 return mAddressEncMask;
51 }
52
53 //
54 // CPUID Fn8000_001F[EBX] Bit 0:5 (memory encryption bit position)
55 //
56 AsmCpuid (CPUID_MEMORY_ENCRYPTION_INFO, NULL, &Ebx.Uint32, NULL, NULL);
57 EncryptionMask = LShiftU64 (1, Ebx.Bits.PtePosBits);
58
59 mAddressEncMask = EncryptionMask & PAGING_1G_ADDRESS_MASK_64;
60 mAddressEncMaskChecked = TRUE;
61
62 return mAddressEncMask;
63 }
64
65 /**
66 Split 2M page to 4K.
67
68 @param[in] PhysicalAddress Start physical address the 2M page covered.
69 @param[in, out] PageEntry2M Pointer to 2M page entry.
70 @param[in] StackBase Stack base address.
71 @param[in] StackSize Stack size.
72
73 **/
74 STATIC
75 VOID
76 Split2MPageTo4K (
77 IN PHYSICAL_ADDRESS PhysicalAddress,
78 IN OUT UINT64 *PageEntry2M,
79 IN PHYSICAL_ADDRESS StackBase,
80 IN UINTN StackSize
81 )
82 {
83 PHYSICAL_ADDRESS PhysicalAddress4K;
84 UINTN IndexOfPageTableEntries;
85 PAGE_TABLE_4K_ENTRY *PageTableEntry, *PageTableEntry1;
86 UINT64 AddressEncMask;
87
88 PageTableEntry = AllocatePages(1);
89
90 PageTableEntry1 = PageTableEntry;
91
92 AddressEncMask = GetMemEncryptionAddressMask ();
93
94 ASSERT (PageTableEntry != NULL);
95 ASSERT (*PageEntry2M & AddressEncMask);
96
97 PhysicalAddress4K = PhysicalAddress;
98 for (IndexOfPageTableEntries = 0; IndexOfPageTableEntries < 512; IndexOfPageTableEntries++, PageTableEntry++, PhysicalAddress4K += SIZE_4KB) {
99 //
100 // Fill in the Page Table entries
101 //
102 PageTableEntry->Uint64 = (UINT64) PhysicalAddress4K | AddressEncMask;
103 PageTableEntry->Bits.ReadWrite = 1;
104 PageTableEntry->Bits.Present = 1;
105 if ((PhysicalAddress4K >= StackBase) && (PhysicalAddress4K < StackBase + StackSize)) {
106 //
107 // Set Nx bit for stack.
108 //
109 PageTableEntry->Bits.Nx = 1;
110 }
111 }
112
113 //
114 // Fill in 2M page entry.
115 //
116 *PageEntry2M = (UINT64) (UINTN) PageTableEntry1 | IA32_PG_P | IA32_PG_RW | AddressEncMask;
117 }
118
119 /**
120 Split 1G page to 2M.
121
122 @param[in] PhysicalAddress Start physical address the 1G page covered.
123 @param[in, out] PageEntry1G Pointer to 1G page entry.
124 @param[in] StackBase Stack base address.
125 @param[in] StackSize Stack size.
126
127 **/
128 STATIC
129 VOID
130 Split1GPageTo2M (
131 IN PHYSICAL_ADDRESS PhysicalAddress,
132 IN OUT UINT64 *PageEntry1G,
133 IN PHYSICAL_ADDRESS StackBase,
134 IN UINTN StackSize
135 )
136 {
137 PHYSICAL_ADDRESS PhysicalAddress2M;
138 UINTN IndexOfPageDirectoryEntries;
139 PAGE_TABLE_ENTRY *PageDirectoryEntry;
140 UINT64 AddressEncMask;
141
142 PageDirectoryEntry = AllocatePages(1);
143
144 AddressEncMask = GetMemEncryptionAddressMask ();
145 ASSERT (PageDirectoryEntry != NULL);
146 ASSERT (*PageEntry1G & GetMemEncryptionAddressMask ());
147 //
148 // Fill in 1G page entry.
149 //
150 *PageEntry1G = (UINT64) (UINTN) PageDirectoryEntry | IA32_PG_P | IA32_PG_RW | AddressEncMask;
151
152 PhysicalAddress2M = PhysicalAddress;
153 for (IndexOfPageDirectoryEntries = 0; IndexOfPageDirectoryEntries < 512; IndexOfPageDirectoryEntries++, PageDirectoryEntry++, PhysicalAddress2M += SIZE_2MB) {
154 if ((PhysicalAddress2M < StackBase + StackSize) && ((PhysicalAddress2M + SIZE_2MB) > StackBase)) {
155 //
156 // Need to split this 2M page that covers stack range.
157 //
158 Split2MPageTo4K (PhysicalAddress2M, (UINT64 *) PageDirectoryEntry, StackBase, StackSize);
159 } else {
160 //
161 // Fill in the Page Directory entries
162 //
163 PageDirectoryEntry->Uint64 = (UINT64) PhysicalAddress2M | AddressEncMask;
164 PageDirectoryEntry->Bits.ReadWrite = 1;
165 PageDirectoryEntry->Bits.Present = 1;
166 PageDirectoryEntry->Bits.MustBe1 = 1;
167 }
168 }
169 }
170
171
172 /**
173 Set or Clear the memory encryption bit
174
175 @param[in] PagetablePoint Page table entry pointer (PTE).
176 @param[in] Mode Set or Clear encryption bit
177
178 **/
179 STATIC VOID
180 SetOrClearCBit(
181 IN OUT UINT64* PageTablePointer,
182 IN MAP_RANGE_MODE Mode
183 )
184 {
185 UINT64 AddressEncMask;
186
187 AddressEncMask = GetMemEncryptionAddressMask ();
188
189 if (Mode == SetCBit) {
190 *PageTablePointer |= AddressEncMask;
191 } else {
192 *PageTablePointer &= ~AddressEncMask;
193 }
194
195 }
196
197 /**
198 This function either sets or clears memory encryption bit for the memory region
199 specified by PhysicalAddress and length from the current page table context.
200
201 The function iterates through the physicalAddress one page at a time, and set
202 or clears the memory encryption mask in the page table. If it encounters
203 that a given physical address range is part of large page then it attempts to
204 change the attribute at one go (based on size), otherwise it splits the
205 large pages into smaller (e.g 2M page into 4K pages) and then try to set or
206 clear the encryption bit on the smallest page size.
207
208 @param[in] PhysicalAddress The physical address that is the start
209 address of a memory region.
210 @param[in] Length The length of memory region
211 @param[in] Mode Set or Clear mode
212 @param[in] Flush Flush the caches before applying the
213 encryption mask
214
215 @retval RETURN_SUCCESS The attributes were cleared for the memory
216 region.
217 @retval RETURN_INVALID_PARAMETER Number of pages is zero.
218 @retval RETURN_UNSUPPORTED Setting the memory encyrption attribute is
219 not supported
220 **/
221
222 STATIC
223 RETURN_STATUS
224 EFIAPI
225 SetMemoryEncDec (
226 IN PHYSICAL_ADDRESS Cr3BaseAddress,
227 IN PHYSICAL_ADDRESS PhysicalAddress,
228 IN UINTN Length,
229 IN MAP_RANGE_MODE Mode,
230 IN BOOLEAN CacheFlush
231 )
232 {
233 PAGE_MAP_AND_DIRECTORY_POINTER *PageMapLevel4Entry;
234 PAGE_MAP_AND_DIRECTORY_POINTER *PageUpperDirectoryPointerEntry;
235 PAGE_MAP_AND_DIRECTORY_POINTER *PageDirectoryPointerEntry;
236 PAGE_TABLE_1G_ENTRY *PageDirectory1GEntry;
237 PAGE_TABLE_ENTRY *PageDirectory2MEntry;
238 PAGE_TABLE_4K_ENTRY *PageTableEntry;
239 UINT64 PgTableMask;
240 UINT64 AddressEncMask;
241
242 //
243 // Check if we have a valid memory encryption mask
244 //
245 AddressEncMask = GetMemEncryptionAddressMask ();
246 if (!AddressEncMask) {
247 return RETURN_ACCESS_DENIED;
248 }
249
250 PgTableMask = AddressEncMask | EFI_PAGE_MASK;
251
252 if (Length == 0) {
253 return RETURN_INVALID_PARAMETER;
254 }
255
256 //
257 // We are going to change the memory encryption attribute from C=0 -> C=1 or
258 // vice versa Flush the caches to ensure that data is written into memory with
259 // correct C-bit
260 //
261 if (CacheFlush) {
262 WriteBackInvalidateDataCacheRange((VOID*) (UINTN)PhysicalAddress, Length);
263 }
264
265 while (Length)
266 {
267 //
268 // If Cr3BaseAddress is not specified then read the current CR3
269 //
270 if (Cr3BaseAddress == 0) {
271 Cr3BaseAddress = AsmReadCr3();
272 }
273
274 PageMapLevel4Entry = (VOID*) (Cr3BaseAddress & ~PgTableMask);
275 PageMapLevel4Entry += PML4_OFFSET(PhysicalAddress);
276 if (!PageMapLevel4Entry->Bits.Present) {
277 DEBUG ((DEBUG_WARN,
278 "%a:%a ERROR bad PML4 for %lx\n", gEfiCallerBaseName, __FUNCTION__,
279 PhysicalAddress));
280 return RETURN_NO_MAPPING;
281 }
282
283 PageDirectory1GEntry = (VOID*) ((PageMapLevel4Entry->Bits.PageTableBaseAddress<<12) & ~PgTableMask);
284 PageDirectory1GEntry += PDP_OFFSET(PhysicalAddress);
285 if (!PageDirectory1GEntry->Bits.Present) {
286 DEBUG ((DEBUG_WARN,
287 "%a:%a ERROR bad PDPE for %lx\n", gEfiCallerBaseName,
288 __FUNCTION__, PhysicalAddress));
289 return RETURN_NO_MAPPING;
290 }
291
292 //
293 // If the MustBe1 bit is not 1, it's not actually a 1GB entry
294 //
295 if (PageDirectory1GEntry->Bits.MustBe1) {
296 //
297 // Valid 1GB page
298 // If we have at least 1GB to go, we can just update this entry
299 //
300 if (!(PhysicalAddress & (BIT30 - 1)) && Length >= BIT30) {
301 SetOrClearCBit(&PageDirectory1GEntry->Uint64, Mode);
302 DEBUG ((DEBUG_VERBOSE,
303 "%a:%a Updated 1GB entry for %lx\n", gEfiCallerBaseName,
304 __FUNCTION__, PhysicalAddress));
305 PhysicalAddress += BIT30;
306 Length -= BIT30;
307 } else {
308 //
309 // We must split the page
310 //
311 DEBUG ((DEBUG_VERBOSE,
312 "%a:%a Spliting 1GB page\n", gEfiCallerBaseName, __FUNCTION__));
313 Split1GPageTo2M(((UINT64)PageDirectory1GEntry->Bits.PageTableBaseAddress)<<30, (UINT64*) PageDirectory1GEntry, 0, 0);
314 continue;
315 }
316 } else {
317 //
318 // Actually a PDP
319 //
320 PageUpperDirectoryPointerEntry = (PAGE_MAP_AND_DIRECTORY_POINTER*) PageDirectory1GEntry;
321 PageDirectory2MEntry = (VOID*) ((PageUpperDirectoryPointerEntry->Bits.PageTableBaseAddress<<12) & ~PgTableMask);
322 PageDirectory2MEntry += PDE_OFFSET(PhysicalAddress);
323 if (!PageDirectory2MEntry->Bits.Present) {
324 DEBUG ((DEBUG_WARN,
325 "%a:%a ERROR bad PDE for %lx\n", gEfiCallerBaseName, __FUNCTION__,
326 PhysicalAddress));
327 return RETURN_NO_MAPPING;
328 }
329 //
330 // If the MustBe1 bit is not a 1, it's not a 2MB entry
331 //
332 if (PageDirectory2MEntry->Bits.MustBe1) {
333 //
334 // Valid 2MB page
335 // If we have at least 2MB left to go, we can just update this entry
336 //
337 if (!(PhysicalAddress & (BIT21-1)) && Length >= BIT21) {
338 SetOrClearCBit (&PageDirectory2MEntry->Uint64, Mode);
339 PhysicalAddress += BIT21;
340 Length -= BIT21;
341 } else {
342 //
343 // We must split up this page into 4K pages
344 //
345 DEBUG ((DEBUG_VERBOSE,
346 "%a:%a Spliting 2MB page at %lx\n", gEfiCallerBaseName,__FUNCTION__,
347 PhysicalAddress));
348 Split2MPageTo4K (((UINT64)PageDirectory2MEntry->Bits.PageTableBaseAddress) << 21, (UINT64*) PageDirectory2MEntry, 0, 0);
349 continue;
350 }
351 } else {
352 PageDirectoryPointerEntry = (PAGE_MAP_AND_DIRECTORY_POINTER*) PageDirectory2MEntry;
353 PageTableEntry = (VOID*) (PageDirectoryPointerEntry->Bits.PageTableBaseAddress<<12 & ~PgTableMask);
354 PageTableEntry += PTE_OFFSET(PhysicalAddress);
355 if (!PageTableEntry->Bits.Present) {
356 DEBUG ((DEBUG_WARN,
357 "%a:%a ERROR bad PTE for %lx\n", gEfiCallerBaseName,
358 __FUNCTION__, PhysicalAddress));
359 return RETURN_NO_MAPPING;
360 }
361 SetOrClearCBit (&PageTableEntry->Uint64, Mode);
362 PhysicalAddress += EFI_PAGE_SIZE;
363 Length -= EFI_PAGE_SIZE;
364 }
365 }
366 }
367
368 //
369 // Flush TLB
370 //
371 CpuFlushTlb();
372
373 return RETURN_SUCCESS;
374 }
375
376 /**
377 This function clears memory encryption bit for the memory region specified by
378 PhysicalAddress and length from the current page table context.
379
380 @param[in] PhysicalAddress The physical address that is the start
381 address of a memory region.
382 @param[in] Length The length of memory region
383 @param[in] Flush Flush the caches before applying the
384 encryption mask
385
386 @retval RETURN_SUCCESS The attributes were cleared for the memory
387 region.
388 @retval RETURN_INVALID_PARAMETER Number of pages is zero.
389 @retval RETURN_UNSUPPORTED Setting the memory encyrption attribute is
390 not supported
391 **/
392 RETURN_STATUS
393 EFIAPI
394 InternalMemEncryptSevSetMemoryDecrypted (
395 IN PHYSICAL_ADDRESS Cr3BaseAddress,
396 IN PHYSICAL_ADDRESS PhysicalAddress,
397 IN UINTN Length,
398 IN BOOLEAN Flush
399 )
400 {
401
402 DEBUG ((DEBUG_VERBOSE,
403 "%a:%a Clear C-bit Cr3 %Lx Base %Lx Length %Lx flush %d\n",
404 gEfiCallerBaseName, __FUNCTION__, Cr3BaseAddress, PhysicalAddress, Length,
405 Flush));
406 return SetMemoryEncDec (Cr3BaseAddress, PhysicalAddress, Length, ClearCBit, Flush);
407 }
408
409 /**
410 This function sets memory encryption bit for the memory region specified by
411 PhysicalAddress and length from the current page table context.
412
413 @param[in] PhysicalAddress The physical address that is the start address
414 of a memory region.
415 @param[in] Length The length of memory region
416 @param[in] Flush Flush the caches before applying the
417 encryption mask
418
419 @retval RETURN_SUCCESS The attributes were cleared for the memory
420 region.
421 @retval RETURN_INVALID_PARAMETER Number of pages is zero.
422 @retval RETURN_UNSUPPORTED Setting the memory encyrption attribute is
423 not supported
424 **/
425 RETURN_STATUS
426 EFIAPI
427 InternalMemEncryptSevSetMemoryEncrypted (
428 IN PHYSICAL_ADDRESS Cr3BaseAddress,
429 IN PHYSICAL_ADDRESS PhysicalAddress,
430 IN UINTN Length,
431 IN BOOLEAN Flush
432 )
433 {
434 DEBUG ((DEBUG_VERBOSE,
435 "%a:%a Set C-bit Cr3 %Lx Base %Lx Length %Lx flush %d\n",
436 gEfiCallerBaseName, __FUNCTION__, Cr3BaseAddress, PhysicalAddress, Length,
437 Flush));
438 return SetMemoryEncDec (Cr3BaseAddress, PhysicalAddress, Length, SetCBit, Flush);
439 }
EFI Development Kit II mirror for PVE