]> git.proxmox.com Git - mirror_edk2.git/blob - OvmfPkg/Library/BaseMemEncryptSevLib/X64/VirtualMemory.c
projects / mirror_edk2.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
OvmfPkg: Obtain SEV encryption mask with the new MemEncryptSevLib API
[mirror_edk2.git] / OvmfPkg / Library / BaseMemEncryptSevLib / X64 / VirtualMemory.c
1 /** @file
2
3 Virtual Memory Management Services to set or clear the memory encryption bit
4
5 Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.<BR>
6 Copyright (c) 2017 - 2020, AMD Incorporated. All rights reserved.<BR>
7
8 SPDX-License-Identifier: BSD-2-Clause-Patent
9
10 Code is derived from MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c
11
12 **/
13
14 #include <Library/CpuLib.h>
15 #include <Library/MemEncryptSevLib.h>
16 #include <Register/Amd/Cpuid.h>
17 #include <Register/Cpuid.h>
18
19 #include "VirtualMemory.h"
20
21 STATIC BOOLEAN mAddressEncMaskChecked = FALSE;
22 STATIC UINT64 mAddressEncMask;
23 STATIC PAGE_TABLE_POOL *mPageTablePool = NULL;
24
25 typedef enum {
26 SetCBit,
27 ClearCBit
28 } MAP_RANGE_MODE;
29
30 /**
31 Get the memory encryption mask
32
33 @param[out] EncryptionMask contains the pte mask.
34
35 **/
36 STATIC
37 UINT64
38 GetMemEncryptionAddressMask (
39 VOID
40 )
41 {
42 UINT64 EncryptionMask;
43
44 if (mAddressEncMaskChecked) {
45 return mAddressEncMask;
46 }
47
48 EncryptionMask = MemEncryptSevGetEncryptionMask ();
49
50 mAddressEncMask = EncryptionMask & PAGING_1G_ADDRESS_MASK_64;
51 mAddressEncMaskChecked = TRUE;
52
53 return mAddressEncMask;
54 }
55
56 /**
57 Initialize a buffer pool for page table use only.
58
59 To reduce the potential split operation on page table, the pages reserved for
60 page table should be allocated in the times of PAGE_TABLE_POOL_UNIT_PAGES and
61 at the boundary of PAGE_TABLE_POOL_ALIGNMENT. So the page pool is always
62 initialized with number of pages greater than or equal to the given
63 PoolPages.
64
65 Once the pages in the pool are used up, this method should be called again to
66 reserve at least another PAGE_TABLE_POOL_UNIT_PAGES. Usually this won't
67 happen often in practice.
68
69 @param[in] PoolPages The least page number of the pool to be created.
70
71 @retval TRUE The pool is initialized successfully.
72 @retval FALSE The memory is out of resource.
73 **/
74 STATIC
75 BOOLEAN
76 InitializePageTablePool (
77 IN UINTN PoolPages
78 )
79 {
80 VOID *Buffer;
81
82 //
83 // Always reserve at least PAGE_TABLE_POOL_UNIT_PAGES, including one page for
84 // header.
85 //
86 PoolPages += 1; // Add one page for header.
87 PoolPages = ((PoolPages - 1) / PAGE_TABLE_POOL_UNIT_PAGES + 1) *
88 PAGE_TABLE_POOL_UNIT_PAGES;
89 Buffer = AllocateAlignedPages (PoolPages, PAGE_TABLE_POOL_ALIGNMENT);
90 if (Buffer == NULL) {
91 DEBUG ((DEBUG_ERROR, "ERROR: Out of aligned pages\r\n"));
92 return FALSE;
93 }
94
95 //
96 // Link all pools into a list for easier track later.
97 //
98 if (mPageTablePool == NULL) {
99 mPageTablePool = Buffer;
100 mPageTablePool->NextPool = mPageTablePool;
101 } else {
102 ((PAGE_TABLE_POOL *)Buffer)->NextPool = mPageTablePool->NextPool;
103 mPageTablePool->NextPool = Buffer;
104 mPageTablePool = Buffer;
105 }
106
107 //
108 // Reserve one page for pool header.
109 //
110 mPageTablePool->FreePages = PoolPages - 1;
111 mPageTablePool->Offset = EFI_PAGES_TO_SIZE (1);
112
113 return TRUE;
114 }
115
116 /**
117 This API provides a way to allocate memory for page table.
118
119 This API can be called more than once to allocate memory for page tables.
120
121 Allocates the number of 4KB pages and returns a pointer to the allocated
122 buffer. The buffer returned is aligned on a 4KB boundary.
123
124 If Pages is 0, then NULL is returned.
125 If there is not enough memory remaining to satisfy the request, then NULL is
126 returned.
127
128 @param Pages The number of 4 KB pages to allocate.
129
130 @return A pointer to the allocated buffer or NULL if allocation fails.
131
132 **/
133 STATIC
134 VOID *
135 EFIAPI
136 AllocatePageTableMemory (
137 IN UINTN Pages
138 )
139 {
140 VOID *Buffer;
141
142 if (Pages == 0) {
143 return NULL;
144 }
145
146 //
147 // Renew the pool if necessary.
148 //
149 if (mPageTablePool == NULL ||
150 Pages > mPageTablePool->FreePages) {
151 if (!InitializePageTablePool (Pages)) {
152 return NULL;
153 }
154 }
155
156 Buffer = (UINT8 *)mPageTablePool + mPageTablePool->Offset;
157
158 mPageTablePool->Offset += EFI_PAGES_TO_SIZE (Pages);
159 mPageTablePool->FreePages -= Pages;
160
161 DEBUG ((
162 DEBUG_VERBOSE,
163 "%a:%a: Buffer=0x%Lx Pages=%ld\n",
164 gEfiCallerBaseName,
165 __FUNCTION__,
166 Buffer,
167 Pages
168 ));
169
170 return Buffer;
171 }
172
173
174 /**
175 Split 2M page to 4K.
176
177 @param[in] PhysicalAddress Start physical address the 2M page
178 covered.
179 @param[in, out] PageEntry2M Pointer to 2M page entry.
180 @param[in] StackBase Stack base address.
181 @param[in] StackSize Stack size.
182
183 **/
184 STATIC
185 VOID
186 Split2MPageTo4K (
187 IN PHYSICAL_ADDRESS PhysicalAddress,
188 IN OUT UINT64 *PageEntry2M,
189 IN PHYSICAL_ADDRESS StackBase,
190 IN UINTN StackSize
191 )
192 {
193 PHYSICAL_ADDRESS PhysicalAddress4K;
194 UINTN IndexOfPageTableEntries;
195 PAGE_TABLE_4K_ENTRY *PageTableEntry, *PageTableEntry1;
196 UINT64 AddressEncMask;
197
198 PageTableEntry = AllocatePageTableMemory(1);
199
200 PageTableEntry1 = PageTableEntry;
201
202 AddressEncMask = GetMemEncryptionAddressMask ();
203
204 ASSERT (PageTableEntry != NULL);
205 ASSERT (*PageEntry2M & AddressEncMask);
206
207 PhysicalAddress4K = PhysicalAddress;
208 for (IndexOfPageTableEntries = 0;
209 IndexOfPageTableEntries < 512;
210 (IndexOfPageTableEntries++,
211 PageTableEntry++,
212 PhysicalAddress4K += SIZE_4KB)) {
213 //
214 // Fill in the Page Table entries
215 //
216 PageTableEntry->Uint64 = (UINT64) PhysicalAddress4K | AddressEncMask;
217 PageTableEntry->Bits.ReadWrite = 1;
218 PageTableEntry->Bits.Present = 1;
219 if ((PhysicalAddress4K >= StackBase) &&
220 (PhysicalAddress4K < StackBase + StackSize)) {
221 //
222 // Set Nx bit for stack.
223 //
224 PageTableEntry->Bits.Nx = 1;
225 }
226 }
227
228 //
229 // Fill in 2M page entry.
230 //
231 *PageEntry2M = ((UINT64)(UINTN)PageTableEntry1 |
232 IA32_PG_P | IA32_PG_RW | AddressEncMask);
233 }
234
235 /**
236 Set one page of page table pool memory to be read-only.
237
238 @param[in] PageTableBase Base address of page table (CR3).
239 @param[in] Address Start address of a page to be set as read-only.
240 @param[in] Level4Paging Level 4 paging flag.
241
242 **/
243 STATIC
244 VOID
245 SetPageTablePoolReadOnly (
246 IN UINTN PageTableBase,
247 IN EFI_PHYSICAL_ADDRESS Address,
248 IN BOOLEAN Level4Paging
249 )
250 {
251 UINTN Index;
252 UINTN EntryIndex;
253 UINT64 AddressEncMask;
254 EFI_PHYSICAL_ADDRESS PhysicalAddress;
255 UINT64 *PageTable;
256 UINT64 *NewPageTable;
257 UINT64 PageAttr;
258 UINT64 LevelSize[5];
259 UINT64 LevelMask[5];
260 UINTN LevelShift[5];
261 UINTN Level;
262 UINT64 PoolUnitSize;
263
264 ASSERT (PageTableBase != 0);
265
266 //
267 // Since the page table is always from page table pool, which is always
268 // located at the boundary of PcdPageTablePoolAlignment, we just need to
269 // set the whole pool unit to be read-only.
270 //
271 Address = Address & PAGE_TABLE_POOL_ALIGN_MASK;
272
273 LevelShift[1] = PAGING_L1_ADDRESS_SHIFT;
274 LevelShift[2] = PAGING_L2_ADDRESS_SHIFT;
275 LevelShift[3] = PAGING_L3_ADDRESS_SHIFT;
276 LevelShift[4] = PAGING_L4_ADDRESS_SHIFT;
277
278 LevelMask[1] = PAGING_4K_ADDRESS_MASK_64;
279 LevelMask[2] = PAGING_2M_ADDRESS_MASK_64;
280 LevelMask[3] = PAGING_1G_ADDRESS_MASK_64;
281 LevelMask[4] = PAGING_1G_ADDRESS_MASK_64;
282
283 LevelSize[1] = SIZE_4KB;
284 LevelSize[2] = SIZE_2MB;
285 LevelSize[3] = SIZE_1GB;
286 LevelSize[4] = SIZE_512GB;
287
288 AddressEncMask = GetMemEncryptionAddressMask();
289 PageTable = (UINT64 *)(UINTN)PageTableBase;
290 PoolUnitSize = PAGE_TABLE_POOL_UNIT_SIZE;
291
292 for (Level = (Level4Paging) ? 4 : 3; Level > 0; --Level) {
293 Index = ((UINTN)RShiftU64 (Address, LevelShift[Level]));
294 Index &= PAGING_PAE_INDEX_MASK;
295
296 PageAttr = PageTable[Index];
297 if ((PageAttr & IA32_PG_PS) == 0) {
298 //
299 // Go to next level of table.
300 //
301 PageTable = (UINT64 *)(UINTN)(PageAttr & ~AddressEncMask &
302 PAGING_4K_ADDRESS_MASK_64);
303 continue;
304 }
305
306 if (PoolUnitSize >= LevelSize[Level]) {
307 //
308 // Clear R/W bit if current page granularity is not larger than pool unit
309 // size.
310 //
311 if ((PageAttr & IA32_PG_RW) != 0) {
312 while (PoolUnitSize > 0) {
313 //
314 // PAGE_TABLE_POOL_UNIT_SIZE and PAGE_TABLE_POOL_ALIGNMENT are fit in
315 // one page (2MB). Then we don't need to update attributes for pages
316 // crossing page directory. ASSERT below is for that purpose.
317 //
318 ASSERT (Index < EFI_PAGE_SIZE/sizeof (UINT64));
319
320 PageTable[Index] &= ~(UINT64)IA32_PG_RW;
321 PoolUnitSize -= LevelSize[Level];
322
323 ++Index;
324 }
325 }
326
327 break;
328
329 } else {
330 //
331 // The smaller granularity of page must be needed.
332 //
333 ASSERT (Level > 1);
334
335 NewPageTable = AllocatePageTableMemory (1);
336 ASSERT (NewPageTable != NULL);
337
338 PhysicalAddress = PageAttr & LevelMask[Level];
339 for (EntryIndex = 0;
340 EntryIndex < EFI_PAGE_SIZE/sizeof (UINT64);
341 ++EntryIndex) {
342 NewPageTable[EntryIndex] = PhysicalAddress | AddressEncMask |
343 IA32_PG_P | IA32_PG_RW;
344 if (Level > 2) {
345 NewPageTable[EntryIndex] |= IA32_PG_PS;
346 }
347 PhysicalAddress += LevelSize[Level - 1];
348 }
349
350 PageTable[Index] = (UINT64)(UINTN)NewPageTable | AddressEncMask |
351 IA32_PG_P | IA32_PG_RW;
352 PageTable = NewPageTable;
353 }
354 }
355 }
356
357 /**
358 Prevent the memory pages used for page table from been overwritten.
359
360 @param[in] PageTableBase Base address of page table (CR3).
361 @param[in] Level4Paging Level 4 paging flag.
362
363 **/
364 STATIC
365 VOID
366 EnablePageTableProtection (
367 IN UINTN PageTableBase,
368 IN BOOLEAN Level4Paging
369 )
370 {
371 PAGE_TABLE_POOL *HeadPool;
372 PAGE_TABLE_POOL *Pool;
373 UINT64 PoolSize;
374 EFI_PHYSICAL_ADDRESS Address;
375
376 if (mPageTablePool == NULL) {
377 return;
378 }
379
380 //
381 // SetPageTablePoolReadOnly might update mPageTablePool. It's safer to
382 // remember original one in advance.
383 //
384 HeadPool = mPageTablePool;
385 Pool = HeadPool;
386 do {
387 Address = (EFI_PHYSICAL_ADDRESS)(UINTN)Pool;
388 PoolSize = Pool->Offset + EFI_PAGES_TO_SIZE (Pool->FreePages);
389
390 //
391 // The size of one pool must be multiple of PAGE_TABLE_POOL_UNIT_SIZE,
392 // which is one of page size of the processor (2MB by default). Let's apply
393 // the protection to them one by one.
394 //
395 while (PoolSize > 0) {
396 SetPageTablePoolReadOnly(PageTableBase, Address, Level4Paging);
397 Address += PAGE_TABLE_POOL_UNIT_SIZE;
398 PoolSize -= PAGE_TABLE_POOL_UNIT_SIZE;
399 }
400
401 Pool = Pool->NextPool;
402 } while (Pool != HeadPool);
403
404 }
405
406
407 /**
408 Split 1G page to 2M.
409
410 @param[in] PhysicalAddress Start physical address the 1G page
411 covered.
412 @param[in, out] PageEntry1G Pointer to 1G page entry.
413 @param[in] StackBase Stack base address.
414 @param[in] StackSize Stack size.
415
416 **/
417 STATIC
418 VOID
419 Split1GPageTo2M (
420 IN PHYSICAL_ADDRESS PhysicalAddress,
421 IN OUT UINT64 *PageEntry1G,
422 IN PHYSICAL_ADDRESS StackBase,
423 IN UINTN StackSize
424 )
425 {
426 PHYSICAL_ADDRESS PhysicalAddress2M;
427 UINTN IndexOfPageDirectoryEntries;
428 PAGE_TABLE_ENTRY *PageDirectoryEntry;
429 UINT64 AddressEncMask;
430
431 PageDirectoryEntry = AllocatePageTableMemory(1);
432
433 AddressEncMask = GetMemEncryptionAddressMask ();
434 ASSERT (PageDirectoryEntry != NULL);
435 ASSERT (*PageEntry1G & AddressEncMask);
436 //
437 // Fill in 1G page entry.
438 //
439 *PageEntry1G = ((UINT64)(UINTN)PageDirectoryEntry |
440 IA32_PG_P | IA32_PG_RW | AddressEncMask);
441
442 PhysicalAddress2M = PhysicalAddress;
443 for (IndexOfPageDirectoryEntries = 0;
444 IndexOfPageDirectoryEntries < 512;
445 (IndexOfPageDirectoryEntries++,
446 PageDirectoryEntry++,
447 PhysicalAddress2M += SIZE_2MB)) {
448 if ((PhysicalAddress2M < StackBase + StackSize) &&
449 ((PhysicalAddress2M + SIZE_2MB) > StackBase)) {
450 //
451 // Need to split this 2M page that covers stack range.
452 //
453 Split2MPageTo4K (
454 PhysicalAddress2M,
455 (UINT64 *)PageDirectoryEntry,
456 StackBase,
457 StackSize
458 );
459 } else {
460 //
461 // Fill in the Page Directory entries
462 //
463 PageDirectoryEntry->Uint64 = (UINT64) PhysicalAddress2M | AddressEncMask;
464 PageDirectoryEntry->Bits.ReadWrite = 1;
465 PageDirectoryEntry->Bits.Present = 1;
466 PageDirectoryEntry->Bits.MustBe1 = 1;
467 }
468 }
469 }
470
471
472 /**
473 Set or Clear the memory encryption bit
474
475 @param[in] PagetablePoint Page table entry pointer (PTE).
476 @param[in] Mode Set or Clear encryption bit
477
478 **/
479 STATIC VOID
480 SetOrClearCBit(
481 IN OUT UINT64* PageTablePointer,
482 IN MAP_RANGE_MODE Mode
483 )
484 {
485 UINT64 AddressEncMask;
486
487 AddressEncMask = GetMemEncryptionAddressMask ();
488
489 if (Mode == SetCBit) {
490 *PageTablePointer |= AddressEncMask;
491 } else {
492 *PageTablePointer &= ~AddressEncMask;
493 }
494
495 }
496
497 /**
498 Check the WP status in CR0 register. This bit is used to lock or unlock write
499 access to pages marked as read-only.
500
501 @retval TRUE Write protection is enabled.
502 @retval FALSE Write protection is disabled.
503 **/
504 STATIC
505 BOOLEAN
506 IsReadOnlyPageWriteProtected (
507 VOID
508 )
509 {
510 return ((AsmReadCr0 () & BIT16) != 0);
511 }
512
513
514 /**
515 Disable Write Protect on pages marked as read-only.
516 **/
517 STATIC
518 VOID
519 DisableReadOnlyPageWriteProtect (
520 VOID
521 )
522 {
523 AsmWriteCr0 (AsmReadCr0() & ~BIT16);
524 }
525
526 /**
527 Enable Write Protect on pages marked as read-only.
528 **/
529 VOID
530 EnableReadOnlyPageWriteProtect (
531 VOID
532 )
533 {
534 AsmWriteCr0 (AsmReadCr0() | BIT16);
535 }
536
537
538 /**
539 This function either sets or clears memory encryption bit for the memory
540 region specified by PhysicalAddress and Length from the current page table
541 context.
542
543 The function iterates through the PhysicalAddress one page at a time, and set
544 or clears the memory encryption mask in the page table. If it encounters
545 that a given physical address range is part of large page then it attempts to
546 change the attribute at one go (based on size), otherwise it splits the
547 large pages into smaller (e.g 2M page into 4K pages) and then try to set or
548 clear the encryption bit on the smallest page size.
549
550 @param[in] Cr3BaseAddress Cr3 Base Address (if zero then use
551 current CR3)
552 @param[in] PhysicalAddress The physical address that is the start
553 address of a memory region.
554 @param[in] Length The length of memory region
555 @param[in] Mode Set or Clear mode
556 @param[in] CacheFlush Flush the caches before applying the
557 encryption mask
558
559 @retval RETURN_SUCCESS The attributes were cleared for the
560 memory region.
561 @retval RETURN_INVALID_PARAMETER Number of pages is zero.
562 @retval RETURN_UNSUPPORTED Setting the memory encyrption attribute
563 is not supported
564 **/
565
566 STATIC
567 RETURN_STATUS
568 EFIAPI
569 SetMemoryEncDec (
570 IN PHYSICAL_ADDRESS Cr3BaseAddress,
571 IN PHYSICAL_ADDRESS PhysicalAddress,
572 IN UINTN Length,
573 IN MAP_RANGE_MODE Mode,
574 IN BOOLEAN CacheFlush
575 )
576 {
577 PAGE_MAP_AND_DIRECTORY_POINTER *PageMapLevel4Entry;
578 PAGE_MAP_AND_DIRECTORY_POINTER *PageUpperDirectoryPointerEntry;
579 PAGE_MAP_AND_DIRECTORY_POINTER *PageDirectoryPointerEntry;
580 PAGE_TABLE_1G_ENTRY *PageDirectory1GEntry;
581 PAGE_TABLE_ENTRY *PageDirectory2MEntry;
582 PAGE_TABLE_4K_ENTRY *PageTableEntry;
583 UINT64 PgTableMask;
584 UINT64 AddressEncMask;
585 BOOLEAN IsWpEnabled;
586 RETURN_STATUS Status;
587
588 //
589 // Set PageMapLevel4Entry to suppress incorrect compiler/analyzer warnings.
590 //
591 PageMapLevel4Entry = NULL;
592
593 DEBUG ((
594 DEBUG_VERBOSE,
595 "%a:%a: Cr3Base=0x%Lx Physical=0x%Lx Length=0x%Lx Mode=%a CacheFlush=%u\n",
596 gEfiCallerBaseName,
597 __FUNCTION__,
598 Cr3BaseAddress,
599 PhysicalAddress,
600 (UINT64)Length,
601 (Mode == SetCBit) ? "Encrypt" : "Decrypt",
602 (UINT32)CacheFlush
603 ));
604
605 //
606 // Check if we have a valid memory encryption mask
607 //
608 AddressEncMask = GetMemEncryptionAddressMask ();
609 if (!AddressEncMask) {
610 return RETURN_ACCESS_DENIED;
611 }
612
613 PgTableMask = AddressEncMask | EFI_PAGE_MASK;
614
615 if (Length == 0) {
616 return RETURN_INVALID_PARAMETER;
617 }
618
619 //
620 // We are going to change the memory encryption attribute from C=0 -> C=1 or
621 // vice versa Flush the caches to ensure that data is written into memory
622 // with correct C-bit
623 //
624 if (CacheFlush) {
625 WriteBackInvalidateDataCacheRange((VOID*) (UINTN)PhysicalAddress, Length);
626 }
627
628 //
629 // Make sure that the page table is changeable.
630 //
631 IsWpEnabled = IsReadOnlyPageWriteProtected ();
632 if (IsWpEnabled) {
633 DisableReadOnlyPageWriteProtect ();
634 }
635
636 Status = EFI_SUCCESS;
637
638 while (Length)
639 {
640 //
641 // If Cr3BaseAddress is not specified then read the current CR3
642 //
643 if (Cr3BaseAddress == 0) {
644 Cr3BaseAddress = AsmReadCr3();
645 }
646
647 PageMapLevel4Entry = (VOID*) (Cr3BaseAddress & ~PgTableMask);
648 PageMapLevel4Entry += PML4_OFFSET(PhysicalAddress);
649 if (!PageMapLevel4Entry->Bits.Present) {
650 DEBUG ((
651 DEBUG_ERROR,
652 "%a:%a: bad PML4 for Physical=0x%Lx\n",
653 gEfiCallerBaseName,
654 __FUNCTION__,
655 PhysicalAddress
656 ));
657 Status = RETURN_NO_MAPPING;
658 goto Done;
659 }
660
661 PageDirectory1GEntry = (VOID *)(
662 (PageMapLevel4Entry->Bits.PageTableBaseAddress <<
663 12) & ~PgTableMask
664 );
665 PageDirectory1GEntry += PDP_OFFSET(PhysicalAddress);
666 if (!PageDirectory1GEntry->Bits.Present) {
667 DEBUG ((
668 DEBUG_ERROR,
669 "%a:%a: bad PDPE for Physical=0x%Lx\n",
670 gEfiCallerBaseName,
671 __FUNCTION__,
672 PhysicalAddress
673 ));
674 Status = RETURN_NO_MAPPING;
675 goto Done;
676 }
677
678 //
679 // If the MustBe1 bit is not 1, it's not actually a 1GB entry
680 //
681 if (PageDirectory1GEntry->Bits.MustBe1) {
682 //
683 // Valid 1GB page
684 // If we have at least 1GB to go, we can just update this entry
685 //
686 if (!(PhysicalAddress & (BIT30 - 1)) && Length >= BIT30) {
687 SetOrClearCBit(&PageDirectory1GEntry->Uint64, Mode);
688 DEBUG ((
689 DEBUG_VERBOSE,
690 "%a:%a: updated 1GB entry for Physical=0x%Lx\n",
691 gEfiCallerBaseName,
692 __FUNCTION__,
693 PhysicalAddress
694 ));
695 PhysicalAddress += BIT30;
696 Length -= BIT30;
697 } else {
698 //
699 // We must split the page
700 //
701 DEBUG ((
702 DEBUG_VERBOSE,
703 "%a:%a: splitting 1GB page for Physical=0x%Lx\n",
704 gEfiCallerBaseName,
705 __FUNCTION__,
706 PhysicalAddress
707 ));
708 Split1GPageTo2M (
709 (UINT64)PageDirectory1GEntry->Bits.PageTableBaseAddress << 30,
710 (UINT64 *)PageDirectory1GEntry,
711 0,
712 0
713 );
714 continue;
715 }
716 } else {
717 //
718 // Actually a PDP
719 //
720 PageUpperDirectoryPointerEntry =
721 (PAGE_MAP_AND_DIRECTORY_POINTER *)PageDirectory1GEntry;
722 PageDirectory2MEntry =
723 (VOID *)(
724 (PageUpperDirectoryPointerEntry->Bits.PageTableBaseAddress <<
725 12) & ~PgTableMask
726 );
727 PageDirectory2MEntry += PDE_OFFSET(PhysicalAddress);
728 if (!PageDirectory2MEntry->Bits.Present) {
729 DEBUG ((
730 DEBUG_ERROR,
731 "%a:%a: bad PDE for Physical=0x%Lx\n",
732 gEfiCallerBaseName,
733 __FUNCTION__,
734 PhysicalAddress
735 ));
736 Status = RETURN_NO_MAPPING;
737 goto Done;
738 }
739 //
740 // If the MustBe1 bit is not a 1, it's not a 2MB entry
741 //
742 if (PageDirectory2MEntry->Bits.MustBe1) {
743 //
744 // Valid 2MB page
745 // If we have at least 2MB left to go, we can just update this entry
746 //
747 if (!(PhysicalAddress & (BIT21-1)) && Length >= BIT21) {
748 SetOrClearCBit (&PageDirectory2MEntry->Uint64, Mode);
749 PhysicalAddress += BIT21;
750 Length -= BIT21;
751 } else {
752 //
753 // We must split up this page into 4K pages
754 //
755 DEBUG ((
756 DEBUG_VERBOSE,
757 "%a:%a: splitting 2MB page for Physical=0x%Lx\n",
758 gEfiCallerBaseName,
759 __FUNCTION__,
760 PhysicalAddress
761 ));
762 Split2MPageTo4K (
763 (UINT64)PageDirectory2MEntry->Bits.PageTableBaseAddress << 21,
764 (UINT64 *)PageDirectory2MEntry,
765 0,
766 0
767 );
768 continue;
769 }
770 } else {
771 PageDirectoryPointerEntry =
772 (PAGE_MAP_AND_DIRECTORY_POINTER *)PageDirectory2MEntry;
773 PageTableEntry =
774 (VOID *)(
775 (PageDirectoryPointerEntry->Bits.PageTableBaseAddress <<
776 12) & ~PgTableMask
777 );
778 PageTableEntry += PTE_OFFSET(PhysicalAddress);
779 if (!PageTableEntry->Bits.Present) {
780 DEBUG ((
781 DEBUG_ERROR,
782 "%a:%a: bad PTE for Physical=0x%Lx\n",
783 gEfiCallerBaseName,
784 __FUNCTION__,
785 PhysicalAddress
786 ));
787 Status = RETURN_NO_MAPPING;
788 goto Done;
789 }
790 SetOrClearCBit (&PageTableEntry->Uint64, Mode);
791 PhysicalAddress += EFI_PAGE_SIZE;
792 Length -= EFI_PAGE_SIZE;
793 }
794 }
795 }
796
797 //
798 // Protect the page table by marking the memory used for page table to be
799 // read-only.
800 //
801 if (IsWpEnabled) {
802 EnablePageTableProtection ((UINTN)PageMapLevel4Entry, TRUE);
803 }
804
805 //
806 // Flush TLB
807 //
808 CpuFlushTlb();
809
810 Done:
811 //
812 // Restore page table write protection, if any.
813 //
814 if (IsWpEnabled) {
815 EnableReadOnlyPageWriteProtect ();
816 }
817
818 return Status;
819 }
820
821 /**
822 This function clears memory encryption bit for the memory region specified by
823 PhysicalAddress and Length from the current page table context.
824
825 @param[in] Cr3BaseAddress Cr3 Base Address (if zero then use
826 current CR3)
827 @param[in] PhysicalAddress The physical address that is the start
828 address of a memory region.
829 @param[in] Length The length of memory region
830 @param[in] Flush Flush the caches before applying the
831 encryption mask
832
833 @retval RETURN_SUCCESS The attributes were cleared for the
834 memory region.
835 @retval RETURN_INVALID_PARAMETER Number of pages is zero.
836 @retval RETURN_UNSUPPORTED Clearing the memory encyrption attribute
837 is not supported
838 **/
839 RETURN_STATUS
840 EFIAPI
841 InternalMemEncryptSevSetMemoryDecrypted (
842 IN PHYSICAL_ADDRESS Cr3BaseAddress,
843 IN PHYSICAL_ADDRESS PhysicalAddress,
844 IN UINTN Length,
845 IN BOOLEAN Flush
846 )
847 {
848
849 return SetMemoryEncDec (
850 Cr3BaseAddress,
851 PhysicalAddress,
852 Length,
853 ClearCBit,
854 Flush
855 );
856 }
857
858 /**
859 This function sets memory encryption bit for the memory region specified by
860 PhysicalAddress and Length from the current page table context.
861
862 @param[in] Cr3BaseAddress Cr3 Base Address (if zero then use
863 current CR3)
864 @param[in] PhysicalAddress The physical address that is the start
865 address of a memory region.
866 @param[in] Length The length of memory region
867 @param[in] Flush Flush the caches before applying the
868 encryption mask
869
870 @retval RETURN_SUCCESS The attributes were set for the memory
871 region.
872 @retval RETURN_INVALID_PARAMETER Number of pages is zero.
873 @retval RETURN_UNSUPPORTED Setting the memory encyrption attribute
874 is not supported
875 **/
876 RETURN_STATUS
877 EFIAPI
878 InternalMemEncryptSevSetMemoryEncrypted (
879 IN PHYSICAL_ADDRESS Cr3BaseAddress,
880 IN PHYSICAL_ADDRESS PhysicalAddress,
881 IN UINTN Length,
882 IN BOOLEAN Flush
883 )
884 {
885 return SetMemoryEncDec (
886 Cr3BaseAddress,
887 PhysicalAddress,
888 Length,
889 SetCBit,
890 Flush
891 );
892 }
EFI Development Kit II mirror for PVE