summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLeo Duran <leo.duran@amd.com>2017-03-03 07:36:03 +0800
committerJeff Fan <jeff.fan@intel.com>2017-03-06 15:34:24 +0800
commit627dcba3528159dedfb12e846840206c2f83ab32 (patch)
tree101893d9c2d844e45e797e3f4184977eecc17ff2
parent891417a74d5cd3bd202f63cec74c233cc0c57008 (diff)
downloadedk2-627dcba3528159dedfb12e846840206c2f83ab32.tar.gz
edk2-627dcba3528159dedfb12e846840206c2f83ab32.tar.bz2
edk2-627dcba3528159dedfb12e846840206c2f83ab32.zip
UefiCpuPkg/CpuDxe: Add support for PCD PcdPteMemoryEncryptionAddressOrMask
This PCD holds the address mask for page table entries when memory encryption is enabled on AMD processors supporting the Secure Encrypted Virtualization (SEV) feature. The mask is applied when page tables entries are created or modified. CC: Jeff Fan <jeff.fan@intel.com> Cc: Feng Tian <feng.tian@intel.com> Cc: Star Zeng <star.zeng@intel.com> Cc: Laszlo Ersek <lersek@redhat.com> Cc: Brijesh Singh <brijesh.singh@amd.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Leo Duran <leo.duran@amd.com> Reviewed-by: Jeff Fan <jeff.fan@intel.com>
-rw-r--r--UefiCpuPkg/CpuDxe/CpuDxe.inf5
-rw-r--r--UefiCpuPkg/CpuDxe/CpuPageTable.c30
2 files changed, 26 insertions, 9 deletions
diff --git a/UefiCpuPkg/CpuDxe/CpuDxe.inf b/UefiCpuPkg/CpuDxe/CpuDxe.inf
index e568ceb53e..3e8d196739 100644
--- a/UefiCpuPkg/CpuDxe/CpuDxe.inf
+++ b/UefiCpuPkg/CpuDxe/CpuDxe.inf
@@ -2,6 +2,8 @@
# CPU driver installs CPU Architecture Protocol and CPU MP protocol.
#
# Copyright (c) 2008 - 2017, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2017, AMD Incorporated. All rights reserved.<BR>
+#
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
@@ -77,6 +79,9 @@
gEfiSecPlatformInformation2PpiGuid ## UNDEFINED # HOB
gEfiSecPlatformInformationPpiGuid ## UNDEFINED # HOB
+[Pcd]
+ gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask ## CONSUMES
+
[Depex]
TRUE
diff --git a/UefiCpuPkg/CpuDxe/CpuPageTable.c b/UefiCpuPkg/CpuDxe/CpuPageTable.c
index 202d1d9b64..65f607a90c 100644
--- a/UefiCpuPkg/CpuDxe/CpuPageTable.c
+++ b/UefiCpuPkg/CpuDxe/CpuPageTable.c
@@ -2,6 +2,8 @@
Page table management support.
Copyright (c) 2017, Intel Corporation. All rights reserved.<BR>
+ Copyright (c) 2017, AMD Incorporated. All rights reserved.<BR>
+
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -271,6 +273,7 @@ GetPageTableEntry (
UINT64 *L2PageTable;
UINT64 *L3PageTable;
UINT64 *L4PageTable;
+ UINT64 AddressEncMask;
ASSERT (PagingContext != NULL);
@@ -279,6 +282,10 @@ GetPageTableEntry (
Index2 = ((UINTN)Address >> 21) & PAGING_PAE_INDEX_MASK;
Index1 = ((UINTN)Address >> 12) & PAGING_PAE_INDEX_MASK;
+ // Make sure AddressEncMask is contained to smallest supported address field.
+ //
+ AddressEncMask = PcdGet64 (PcdPteMemoryEncryptionAddressOrMask) & PAGING_1G_ADDRESS_MASK_64;
+
if (PagingContext->MachineType == IMAGE_FILE_MACHINE_X64) {
L4PageTable = (UINT64 *)(UINTN)PagingContext->ContextData.X64.PageTableBase;
if (L4PageTable[Index4] == 0) {
@@ -286,7 +293,7 @@ GetPageTableEntry (
return NULL;
}
- L3PageTable = (UINT64 *)(UINTN)(L4PageTable[Index4] & PAGING_4K_ADDRESS_MASK_64);
+ L3PageTable = (UINT64 *)(UINTN)(L4PageTable[Index4] & ~AddressEncMask & PAGING_4K_ADDRESS_MASK_64);
} else {
ASSERT((PagingContext->ContextData.Ia32.Attributes & PAGE_TABLE_LIB_PAGING_CONTEXT_IA32_X64_ATTRIBUTES_PAE) != 0);
L3PageTable = (UINT64 *)(UINTN)PagingContext->ContextData.Ia32.PageTableBase;
@@ -301,7 +308,7 @@ GetPageTableEntry (
return &L3PageTable[Index3];
}
- L2PageTable = (UINT64 *)(UINTN)(L3PageTable[Index3] & PAGING_4K_ADDRESS_MASK_64);
+ L2PageTable = (UINT64 *)(UINTN)(L3PageTable[Index3] & ~AddressEncMask & PAGING_4K_ADDRESS_MASK_64);
if (L2PageTable[Index2] == 0) {
*PageAttribute = PageNone;
return NULL;
@@ -313,7 +320,7 @@ GetPageTableEntry (
}
// 4k
- L1PageTable = (UINT64 *)(UINTN)(L2PageTable[Index2] & PAGING_4K_ADDRESS_MASK_64);
+ L1PageTable = (UINT64 *)(UINTN)(L2PageTable[Index2] & ~AddressEncMask & PAGING_4K_ADDRESS_MASK_64);
if ((L1PageTable[Index1] == 0) && (Address != 0)) {
*PageAttribute = PageNone;
return NULL;
@@ -499,11 +506,16 @@ SplitPage (
UINT64 BaseAddress;
UINT64 *NewPageEntry;
UINTN Index;
+ UINT64 AddressEncMask;
ASSERT (PageAttribute == Page2M || PageAttribute == Page1G);
ASSERT (AllocatePagesFunc != NULL);
+ // Make sure AddressEncMask is contained to smallest supported address field.
+ //
+ AddressEncMask = PcdGet64 (PcdPteMemoryEncryptionAddressOrMask) & PAGING_1G_ADDRESS_MASK_64;
+
if (PageAttribute == Page2M) {
//
// Split 2M to 4K
@@ -515,11 +527,11 @@ SplitPage (
if (NewPageEntry == NULL) {
return RETURN_OUT_OF_RESOURCES;
}
- BaseAddress = *PageEntry & PAGING_2M_ADDRESS_MASK_64;
+ BaseAddress = *PageEntry & ~AddressEncMask & PAGING_2M_ADDRESS_MASK_64;
for (Index = 0; Index < SIZE_4KB / sizeof(UINT64); Index++) {
- NewPageEntry[Index] = BaseAddress + SIZE_4KB * Index + ((*PageEntry) & PAGE_PROGATE_BITS);
+ NewPageEntry[Index] = (BaseAddress + SIZE_4KB * Index) | AddressEncMask | ((*PageEntry) & PAGE_PROGATE_BITS);
}
- (*PageEntry) = (UINT64)(UINTN)NewPageEntry + ((*PageEntry) & PAGE_PROGATE_BITS);
+ (*PageEntry) = (UINT64)(UINTN)NewPageEntry | AddressEncMask | ((*PageEntry) & PAGE_PROGATE_BITS);
return RETURN_SUCCESS;
} else {
return RETURN_UNSUPPORTED;
@@ -536,11 +548,11 @@ SplitPage (
if (NewPageEntry == NULL) {
return RETURN_OUT_OF_RESOURCES;
}
- BaseAddress = *PageEntry & PAGING_1G_ADDRESS_MASK_64;
+ BaseAddress = *PageEntry & ~AddressEncMask & PAGING_1G_ADDRESS_MASK_64;
for (Index = 0; Index < SIZE_4KB / sizeof(UINT64); Index++) {
- NewPageEntry[Index] = BaseAddress + SIZE_2MB * Index + IA32_PG_PS + ((*PageEntry) & PAGE_PROGATE_BITS);
+ NewPageEntry[Index] = (BaseAddress + SIZE_2MB * Index) | AddressEncMask | IA32_PG_PS | ((*PageEntry) & PAGE_PROGATE_BITS);
}
- (*PageEntry) = (UINT64)(UINTN)NewPageEntry + ((*PageEntry) & PAGE_PROGATE_BITS);
+ (*PageEntry) = (UINT64)(UINTN)NewPageEntry | AddressEncMask | ((*PageEntry) & PAGE_PROGATE_BITS);
return RETURN_SUCCESS;
} else {
return RETURN_UNSUPPORTED;