diff options
| author | Brijesh Singh <brijesh.singh@amd.com> | 2018-01-11 13:51:01 -0600 |
|---|---|---|
| committer | Laszlo Ersek <lersek@redhat.com> | 2018-01-15 21:18:50 +0100 |
| commit | b721aa749b86a6218118c0dc0eb91daa13abe761 (patch) | |
| tree | 6e4d540312783ec2ef97b0a8b46e0b88efc9220b /OvmfPkg/Library/BaseMemEncryptSevLib/X64/VirtualMemory.h | |
| parent | 84513df419968b4486c442f3fd646729aba2999a (diff) | |
| download | edk2-b721aa749b86a6218118c0dc0eb91daa13abe761.tar.gz edk2-b721aa749b86a6218118c0dc0eb91daa13abe761.tar.bz2 edk2-b721aa749b86a6218118c0dc0eb91daa13abe761.zip | |
OvmfPkg/BaseMemEncryptSevLib: Enable protection for newly added page table
Commit 2ac1730bf2a5 (MdeModulePkg/DxeIpl: Mark page table as read-only)
sets the memory pages used for page table as read-only after paging is
setup and sets CR0.WP to protect CPU modifying the read-only pages.
The commit causes #PF when MemEncryptSevClearPageEncMask() or
MemEncryptSevSetPageEncMask() tries to change the page-table attributes.
This patch takes the similar approach as Commit 147fd35c3e38
(UefiCpuPkg/CpuDxe: Enable protection for newly added page table).
When page table protection is enabled, we disable it temporarily before
changing the page table attributes.
This patch makes use of the same approach as Commit 2ac1730bf2a5
(MdeModulePkg/DxeIpl: Mark page table as read-only)) for allocating
page table memory from reserved memory pool, which helps to reduce a
potential "split" operation.
The patch duplicates code from commit 147fd35c3e38. The code duplication
will be removed after we implement page table manipulation library. See
bugzilla https://bugzilla.tianocore.org/show_bug.cgi?id=847.
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
Diffstat (limited to 'OvmfPkg/Library/BaseMemEncryptSevLib/X64/VirtualMemory.h')
| -rw-r--r-- | OvmfPkg/Library/BaseMemEncryptSevLib/X64/VirtualMemory.h | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/VirtualMemory.h b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/VirtualMemory.h index 70cd2187a3..e7b5634b45 100644 --- a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/VirtualMemory.h +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/VirtualMemory.h @@ -128,6 +128,20 @@ typedef union { #define IA32_PG_P BIT0
#define IA32_PG_RW BIT1
+#define IA32_PG_PS BIT7
+
+#define PAGING_PAE_INDEX_MASK 0x1FF
+
+#define PAGING_4K_ADDRESS_MASK_64 0x000FFFFFFFFFF000ull
+#define PAGING_2M_ADDRESS_MASK_64 0x000FFFFFFFE00000ull
+#define PAGING_1G_ADDRESS_MASK_64 0x000FFFFFC0000000ull
+
+#define PAGING_L1_ADDRESS_SHIFT 12
+#define PAGING_L2_ADDRESS_SHIFT 21
+#define PAGING_L3_ADDRESS_SHIFT 30
+#define PAGING_L4_ADDRESS_SHIFT 39
+
+#define PAGING_PML4E_NUMBER 4
#define PAGETABLE_ENTRY_MASK ((1UL << 9) - 1)
#define PML4_OFFSET(x) ( (x >> 39) & PAGETABLE_ENTRY_MASK)
@@ -136,6 +150,20 @@ typedef union { #define PTE_OFFSET(x) ( (x >> 12) & PAGETABLE_ENTRY_MASK)
#define PAGING_1G_ADDRESS_MASK_64 0x000FFFFFC0000000ull
+#define PAGE_TABLE_POOL_ALIGNMENT BASE_2MB
+#define PAGE_TABLE_POOL_UNIT_SIZE SIZE_2MB
+#define PAGE_TABLE_POOL_UNIT_PAGES EFI_SIZE_TO_PAGES (PAGE_TABLE_POOL_UNIT_SIZE)
+#define PAGE_TABLE_POOL_ALIGN_MASK \
+ (~(EFI_PHYSICAL_ADDRESS)(PAGE_TABLE_POOL_ALIGNMENT - 1))
+
+typedef struct {
+ VOID *NextPool;
+ UINTN Offset;
+ UINTN FreePages;
+} PAGE_TABLE_POOL;
+
+
+
/**
This function clears memory encryption bit for the memory region specified by PhysicalAddress
and length from the current page table context.
|