goto FreeMapInfo;\r
}\r
\r
- if (CC_GUEST_IS_SEV (PcdGet64 (PcdConfidentialComputingGuestAttr))) {\r
+ if (MapInfo->ReservedMemBitmap == 0) {\r
//\r
- // Clear the memory encryption mask on the plaintext buffer.\r
- //\r
- Status = MemEncryptSevClearPageEncMask (\r
- 0,\r
- MapInfo->PlainTextAddress,\r
- MapInfo->NumberOfPages\r
- );\r
- } else if (CC_GUEST_IS_TDX (PcdGet64 (PcdConfidentialComputingGuestAttr))) {\r
- //\r
- // Set the memory shared bit.\r
// If MapInfo->ReservedMemBitmap is 0, it means the bounce buffer is not allocated\r
// from the pre-allocated shared memory, so it must be converted to shared memory here.\r
//\r
- if (MapInfo->ReservedMemBitmap == 0) {\r
+ if (CC_GUEST_IS_SEV (PcdGet64 (PcdConfidentialComputingGuestAttr))) {\r
+ //\r
+ // Clear the memory encryption mask on the plaintext buffer.\r
+ //\r
+ Status = MemEncryptSevClearPageEncMask (\r
+ 0,\r
+ MapInfo->PlainTextAddress,\r
+ MapInfo->NumberOfPages\r
+ );\r
+ } else if (CC_GUEST_IS_TDX (PcdGet64 (PcdConfidentialComputingGuestAttr))) {\r
+ //\r
+ // Set the memory shared bit.\r
+ //\r
Status = MemEncryptTdxSetPageSharedBit (\r
0,\r
MapInfo->PlainTextAddress,\r
MapInfo->NumberOfPages\r
);\r
+ } else {\r
+ ASSERT (FALSE);\r
}\r
- } else {\r
- ASSERT (FALSE);\r
}\r
\r
ASSERT_EFI_ERROR (Status);\r
break;\r
}\r
\r
- if (CC_GUEST_IS_SEV (PcdGet64 (PcdConfidentialComputingGuestAttr))) {\r
- //\r
- // Restore the memory encryption mask on the area we used to hold the\r
- // plaintext.\r
- //\r
- Status = MemEncryptSevSetPageEncMask (\r
- 0,\r
- MapInfo->PlainTextAddress,\r
- MapInfo->NumberOfPages\r
- );\r
- } else if (CC_GUEST_IS_TDX (PcdGet64 (PcdConfidentialComputingGuestAttr))) {\r
- //\r
- // Restore the memory shared bit mask on the area we used to hold the\r
- // plaintext.\r
- //\r
- if (MapInfo->ReservedMemBitmap == 0) {\r
+ if (MapInfo->ReservedMemBitmap == 0) {\r
+ if (CC_GUEST_IS_SEV (PcdGet64 (PcdConfidentialComputingGuestAttr))) {\r
+ //\r
+ // Restore the memory encryption mask on the area we used to hold the\r
+ // plaintext.\r
+ //\r
+ Status = MemEncryptSevSetPageEncMask (\r
+ 0,\r
+ MapInfo->PlainTextAddress,\r
+ MapInfo->NumberOfPages\r
+ );\r
+ } else if (CC_GUEST_IS_TDX (PcdGet64 (PcdConfidentialComputingGuestAttr))) {\r
+ //\r
+ // Restore the memory shared bit mask on the area we used to hold the\r
+ // plaintext.\r
+ //\r
Status = MemEncryptTdxClearPageSharedBit (\r
0,\r
MapInfo->PlainTextAddress,\r
MapInfo->NumberOfPages\r
);\r
+ } else {\r
+ ASSERT (FALSE);\r
}\r
- } else {\r
- ASSERT (FALSE);\r
}\r
\r
ASSERT_EFI_ERROR (Status);\r
}\r
\r
//\r
- // Currently only Tdx guest support Reserved shared memory for DMA operation.\r
+ // For CC guests, use reserved shared memory for DMA operation.\r
//\r
- if (CC_GUEST_IS_TDX (PcdGet64 (PcdConfidentialComputingGuestAttr))) {\r
- mReservedSharedMemSupported = TRUE;\r
- Status = IoMmuInitReservedSharedMem ();\r
- if (EFI_ERROR (Status)) {\r
- mReservedSharedMemSupported = FALSE;\r
- } else {\r
- DEBUG ((DEBUG_INFO, "%a: Feature of reserved memory for DMA is supported.\n", __FUNCTION__));\r
- }\r
+ mReservedSharedMemSupported = TRUE;\r
+ Status = IoMmuInitReservedSharedMem ();\r
+ if (EFI_ERROR (Status)) {\r
+ mReservedSharedMemSupported = FALSE;\r
+ } else {\r
+ DEBUG ((DEBUG_INFO, "%a: Feature of reserved memory for DMA is supported.\n", __FUNCTION__));\r
}\r
\r
return EFI_SUCCESS;\r
#include <Library/BaseMemoryLib.h>\r
#include <Library/DebugLib.h>\r
#include <Library/MemoryAllocationLib.h>\r
+#include <Library/MemEncryptSevLib.h>\r
#include <Library/MemEncryptTdxLib.h>\r
+#include <Library/PcdLib.h>\r
#include <Library/UefiBootServicesTableLib.h>\r
#include "IoMmuInternal.h"\r
\r
UINTN TotalPages;\r
IOMMU_RESERVED_MEM_RANGE *MemRange;\r
EFI_PHYSICAL_ADDRESS PhysicalAddress;\r
+ UINT64 SharedAddress;\r
\r
if (!mReservedSharedMemSupported) {\r
return EFI_UNSUPPORTED;\r
MemRange->StartAddressOfMemRange = PhysicalAddress;\r
\r
for (Index2 = 0; Index2 < MemRange->Slots; Index2++) {\r
- Status = MemEncryptTdxSetPageSharedBit (\r
- 0,\r
- (UINT64)(UINTN)(MemRange->StartAddressOfMemRange + Index2 * SIZE_OF_MEM_RANGE (MemRange) + MemRange->HeaderSize),\r
- EFI_SIZE_TO_PAGES (MemRange->DataSize)\r
- );\r
- ASSERT (!EFI_ERROR (Status));\r
+ SharedAddress = (UINT64)(UINTN)(MemRange->StartAddressOfMemRange + Index2 * SIZE_OF_MEM_RANGE (MemRange) + MemRange->HeaderSize);\r
+\r
+ if (CC_GUEST_IS_SEV (PcdGet64 (PcdConfidentialComputingGuestAttr))) {\r
+ Status = MemEncryptSevClearPageEncMask (\r
+ 0,\r
+ SharedAddress,\r
+ EFI_SIZE_TO_PAGES (MemRange->DataSize)\r
+ );\r
+ ASSERT (!EFI_ERROR (Status));\r
+ } else if (CC_GUEST_IS_TDX (PcdGet64 (PcdConfidentialComputingGuestAttr))) {\r
+ Status = MemEncryptTdxSetPageSharedBit (\r
+ 0,\r
+ SharedAddress,\r
+ EFI_SIZE_TO_PAGES (MemRange->DataSize)\r
+ );\r
+ ASSERT (!EFI_ERROR (Status));\r
+ } else {\r
+ ASSERT (FALSE);\r
+ }\r
}\r
\r
PhysicalAddress += (MemRange->Slots * SIZE_OF_MEM_RANGE (MemRange));\r
EFI_STATUS Status;\r
UINT32 Index1, Index2;\r
IOMMU_RESERVED_MEM_RANGE *MemRange;\r
+ UINT64 SharedAddress;\r
\r
if (!mReservedSharedMemSupported) {\r
return EFI_SUCCESS;\r
for (Index1 = 0; Index1 < ARRAY_SIZE (mReservedMemRanges); Index1++) {\r
MemRange = &mReservedMemRanges[Index1];\r
for (Index2 = 0; Index2 < MemRange->Slots; Index2++) {\r
- Status = MemEncryptTdxClearPageSharedBit (\r
- 0,\r
- (UINT64)(UINTN)(MemRange->StartAddressOfMemRange + Index2 * SIZE_OF_MEM_RANGE (MemRange) + MemRange->HeaderSize),\r
- EFI_SIZE_TO_PAGES (MemRange->DataSize)\r
- );\r
- ASSERT (!EFI_ERROR (Status));\r
+ SharedAddress = (UINT64)(UINTN)(MemRange->StartAddressOfMemRange + Index2 * SIZE_OF_MEM_RANGE (MemRange) + MemRange->HeaderSize);\r
+\r
+ if (CC_GUEST_IS_SEV (PcdGet64 (PcdConfidentialComputingGuestAttr))) {\r
+ Status = MemEncryptSevSetPageEncMask (\r
+ 0,\r
+ SharedAddress,\r
+ EFI_SIZE_TO_PAGES (MemRange->DataSize)\r
+ );\r
+ ASSERT (!EFI_ERROR (Status));\r
+ } else if (CC_GUEST_IS_TDX (PcdGet64 (PcdConfidentialComputingGuestAttr))) {\r
+ Status = MemEncryptTdxClearPageSharedBit (\r
+ 0,\r
+ SharedAddress,\r
+ EFI_SIZE_TO_PAGES (MemRange->DataSize)\r
+ );\r
+ ASSERT (!EFI_ERROR (Status));\r
+ } else {\r
+ ASSERT (FALSE);\r
+ }\r
}\r
}\r
\r