From: Leo Duran Date: Thu, 2 Mar 2017 23:36:03 +0000 (+0800) Subject: UefiCpuPkg/CpuDxe: Add support for PCD PcdPteMemoryEncryptionAddressOrMask X-Git-Tag: edk2-stable201903~4470 X-Git-Url: https://git.proxmox.com/?p=mirror_edk2.git;a=commitdiff_plain;h=627dcba3528159dedfb12e846840206c2f83ab32 UefiCpuPkg/CpuDxe: Add support for PCD PcdPteMemoryEncryptionAddressOrMask This PCD holds the address mask for page table entries when memory encryption is enabled on AMD processors supporting the Secure Encrypted Virtualization (SEV) feature. The mask is applied when page tables entries are created or modified. CC: Jeff Fan Cc: Feng Tian Cc: Star Zeng Cc: Laszlo Ersek Cc: Brijesh Singh Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Leo Duran Reviewed-by: Jeff Fan --- diff --git a/UefiCpuPkg/CpuDxe/CpuDxe.inf b/UefiCpuPkg/CpuDxe/CpuDxe.inf index e568ceb53e..3e8d196739 100644 --- a/UefiCpuPkg/CpuDxe/CpuDxe.inf +++ b/UefiCpuPkg/CpuDxe/CpuDxe.inf @@ -2,6 +2,8 @@ # CPU driver installs CPU Architecture Protocol and CPU MP protocol. # # Copyright (c) 2008 - 2017, Intel Corporation. All rights reserved.
+# Copyright (c) 2017, AMD Incorporated. All rights reserved.
+# # This program and the accompanying materials # are licensed and made available under the terms and conditions of the BSD License # which accompanies this distribution. The full text of the license may be found at @@ -77,6 +79,9 @@ gEfiSecPlatformInformation2PpiGuid ## UNDEFINED # HOB gEfiSecPlatformInformationPpiGuid ## UNDEFINED # HOB +[Pcd] + gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask ## CONSUMES + [Depex] TRUE diff --git a/UefiCpuPkg/CpuDxe/CpuPageTable.c b/UefiCpuPkg/CpuDxe/CpuPageTable.c index 202d1d9b64..65f607a90c 100644 --- a/UefiCpuPkg/CpuDxe/CpuPageTable.c +++ b/UefiCpuPkg/CpuDxe/CpuPageTable.c @@ -2,6 +2,8 @@ Page table management support. Copyright (c) 2017, Intel Corporation. All rights reserved.
+ Copyright (c) 2017, AMD Incorporated. All rights reserved.
+ This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at @@ -271,6 +273,7 @@ GetPageTableEntry ( UINT64 *L2PageTable; UINT64 *L3PageTable; UINT64 *L4PageTable; + UINT64 AddressEncMask; ASSERT (PagingContext != NULL); @@ -279,6 +282,10 @@ GetPageTableEntry ( Index2 = ((UINTN)Address >> 21) & PAGING_PAE_INDEX_MASK; Index1 = ((UINTN)Address >> 12) & PAGING_PAE_INDEX_MASK; + // Make sure AddressEncMask is contained to smallest supported address field. + // + AddressEncMask = PcdGet64 (PcdPteMemoryEncryptionAddressOrMask) & PAGING_1G_ADDRESS_MASK_64; + if (PagingContext->MachineType == IMAGE_FILE_MACHINE_X64) { L4PageTable = (UINT64 *)(UINTN)PagingContext->ContextData.X64.PageTableBase; if (L4PageTable[Index4] == 0) { @@ -286,7 +293,7 @@ GetPageTableEntry ( return NULL; } - L3PageTable = (UINT64 *)(UINTN)(L4PageTable[Index4] & PAGING_4K_ADDRESS_MASK_64); + L3PageTable = (UINT64 *)(UINTN)(L4PageTable[Index4] & ~AddressEncMask & PAGING_4K_ADDRESS_MASK_64); } else { ASSERT((PagingContext->ContextData.Ia32.Attributes & PAGE_TABLE_LIB_PAGING_CONTEXT_IA32_X64_ATTRIBUTES_PAE) != 0); L3PageTable = (UINT64 *)(UINTN)PagingContext->ContextData.Ia32.PageTableBase; @@ -301,7 +308,7 @@ GetPageTableEntry ( return &L3PageTable[Index3]; } - L2PageTable = (UINT64 *)(UINTN)(L3PageTable[Index3] & PAGING_4K_ADDRESS_MASK_64); + L2PageTable = (UINT64 *)(UINTN)(L3PageTable[Index3] & ~AddressEncMask & PAGING_4K_ADDRESS_MASK_64); if (L2PageTable[Index2] == 0) { *PageAttribute = PageNone; return NULL; @@ -313,7 +320,7 @@ GetPageTableEntry ( } // 4k - L1PageTable = (UINT64 *)(UINTN)(L2PageTable[Index2] & PAGING_4K_ADDRESS_MASK_64); + L1PageTable = (UINT64 *)(UINTN)(L2PageTable[Index2] & ~AddressEncMask & PAGING_4K_ADDRESS_MASK_64); if ((L1PageTable[Index1] == 0) && (Address != 0)) { *PageAttribute = PageNone; return NULL; @@ -499,11 +506,16 @@ SplitPage ( UINT64 BaseAddress; UINT64 *NewPageEntry; UINTN Index; + UINT64 AddressEncMask; ASSERT (PageAttribute == Page2M || PageAttribute == Page1G); ASSERT (AllocatePagesFunc != NULL); + // Make sure AddressEncMask is contained to smallest supported address field. + // + AddressEncMask = PcdGet64 (PcdPteMemoryEncryptionAddressOrMask) & PAGING_1G_ADDRESS_MASK_64; + if (PageAttribute == Page2M) { // // Split 2M to 4K @@ -515,11 +527,11 @@ SplitPage ( if (NewPageEntry == NULL) { return RETURN_OUT_OF_RESOURCES; } - BaseAddress = *PageEntry & PAGING_2M_ADDRESS_MASK_64; + BaseAddress = *PageEntry & ~AddressEncMask & PAGING_2M_ADDRESS_MASK_64; for (Index = 0; Index < SIZE_4KB / sizeof(UINT64); Index++) { - NewPageEntry[Index] = BaseAddress + SIZE_4KB * Index + ((*PageEntry) & PAGE_PROGATE_BITS); + NewPageEntry[Index] = (BaseAddress + SIZE_4KB * Index) | AddressEncMask | ((*PageEntry) & PAGE_PROGATE_BITS); } - (*PageEntry) = (UINT64)(UINTN)NewPageEntry + ((*PageEntry) & PAGE_PROGATE_BITS); + (*PageEntry) = (UINT64)(UINTN)NewPageEntry | AddressEncMask | ((*PageEntry) & PAGE_PROGATE_BITS); return RETURN_SUCCESS; } else { return RETURN_UNSUPPORTED; @@ -536,11 +548,11 @@ SplitPage ( if (NewPageEntry == NULL) { return RETURN_OUT_OF_RESOURCES; } - BaseAddress = *PageEntry & PAGING_1G_ADDRESS_MASK_64; + BaseAddress = *PageEntry & ~AddressEncMask & PAGING_1G_ADDRESS_MASK_64; for (Index = 0; Index < SIZE_4KB / sizeof(UINT64); Index++) { - NewPageEntry[Index] = BaseAddress + SIZE_2MB * Index + IA32_PG_PS + ((*PageEntry) & PAGE_PROGATE_BITS); + NewPageEntry[Index] = (BaseAddress + SIZE_2MB * Index) | AddressEncMask | IA32_PG_PS | ((*PageEntry) & PAGE_PROGATE_BITS); } - (*PageEntry) = (UINT64)(UINTN)NewPageEntry + ((*PageEntry) & PAGE_PROGATE_BITS); + (*PageEntry) = (UINT64)(UINTN)NewPageEntry | AddressEncMask | ((*PageEntry) & PAGE_PROGATE_BITS); return RETURN_SUCCESS; } else { return RETURN_UNSUPPORTED;