Reviewed-by: Ray Ni <ray...@intel.com> > -----Original Message----- > From: Sheng, W <w.sh...@intel.com> > Sent: Monday, August 31, 2020 2:38 PM > To: devel@edk2.groups.io > Cc: Ni, Ray <ray...@intel.com>; Chaganty, Rangasai V > <rangasai.v.chaga...@intel.com> > Subject: [PATCH v3 2/3] IntelSiliconPkg/IntelVTdPmrPei: Fix PMR enabling > setting confilct > > PMR enabling set by pre-boot DMA protection is cleared by RC > when boot guard is enabled. Pre-boot DMA protection should only > reset VT-d BAR when it is 0 and reset PMR region when it is > not programmed to protect all memory address. > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2867 > > Change-Id: Ic5370f474a43a94903871782ace5cce186b4ddc0 > Cc: Ray Ni <ray...@intel.com> > Cc: Rangasai V Chaganty <rangasai.v.chaga...@intel.com> > Signed-off-by: Sheng Wei <w.sh...@intel.com> > --- > .../Feature/VTd/IntelVTdPmrPei/IntelVTdPmrPei.c | 14 +++++++ > .../Feature/VTd/IntelVTdPmrPei/IntelVTdPmrPei.h | 15 +++++++ > .../Feature/VTd/IntelVTdPmrPei/IntelVTdPmrPei.inf | 1 + > .../Feature/VTd/IntelVTdPmrPei/VtdReg.c | 47 > ++++++++++++++++++++++ > 4 files changed, 77 insertions(+) > > diff --git > a/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/IntelVTdPmrPei.c > b/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/IntelVTdPmrPei.c > index ea944aa4..31a14f28 100644 > --- > a/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/IntelVTdPmrPei.c > +++ > b/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/IntelVTdPmrPei.c > @@ -745,7 +745,21 @@ VTdInfoNotify ( > // Protect all system memory > // > InitVTdInfo (); > + > + Hob = GetFirstGuidHob (&mVTdInfoGuid); > + VTdInfo = GET_GUID_HOB_DATA(Hob); > + > + // > + // NOTE: We need check if PMR is enabled or not. > + // > + EnabledEngineMask = GetDmaProtectionEnabledEngineMask (VTdInfo, > VTdInfo->EngineMask); > + if (EnabledEngineMask != 0) { > + Status = PreMemoryEnableVTdTranslationProtection (VTdInfo, > EnabledEngineMask); > + } > InitVTdPmrForAll (); > + if (((EnabledEngineMask != 0) && (!EFI_ERROR (Status)))) { > + DisableVTdTranslationProtection (VTdInfo, EnabledEngineMask); > + } > > // > // Install PPI. > diff --git > a/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/IntelVTdPmrPei.h > b/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/IntelVTdPmrPei.h > index 58e6afad..ffed2c5b 100644 > --- > a/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/IntelVTdPmrPei.h > +++ > b/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/IntelVTdPmrPei.h > @@ -97,6 +97,21 @@ GetHighMemoryAlignment ( > IN UINT64 EngineMask > ); > > +/** > + Enable VTd translation table protection in pre-memory phase. > + > + @param VTdInfo The VTd engine context information. > + @param EngineMask The mask of the VTd engine to be accessed. > + > + @retval EFI_SUCCESS DMAR translation protection is enabled. > + @retval EFI_UNSUPPORTED Null Root Entry Table is not supported. > +**/ > +EFI_STATUS > +PreMemoryEnableVTdTranslationProtection ( > + IN VTD_INFO *VTdInfo, > + IN UINT64 EngineMask > + ); > + > /** > Enable VTd translation table protection. > > diff --git > a/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/IntelVTdPmrPei.inf > b/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/IntelVTdPmrPei.inf > index 3eb2b510..1e613ddd 100644 > --- > a/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/IntelVTdPmrPei.inf > +++ > b/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/IntelVTdPmrPei.inf > @@ -48,6 +48,7 @@ > gEdkiiVTdInfoPpiGuid ## CONSUMES > gEfiPeiMemoryDiscoveredPpiGuid ## CONSUMES > gEfiEndOfPeiSignalPpiGuid ## CONSUMES > + gEdkiiVTdNullRootEntryTableGuid ## PRODUCES > > [Pcd] > gIntelSiliconPkgTokenSpaceGuid.PcdVTdPolicyPropertyMask ## CONSUMES > diff --git a/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/VtdReg.c > b/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/VtdReg.c > index c9669426..2e252fe5 100644 > --- a/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/VtdReg.c > +++ b/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/VtdReg.c > @@ -13,8 +13,10 @@ > #include <Library/DebugLib.h> > #include <Library/MemoryAllocationLib.h> > #include <Library/CacheMaintenanceLib.h> > +#include <Library/PeiServicesLib.h> > #include <IndustryStandard/Vtd.h> > #include <Ppi/VtdInfo.h> > +#include <Ppi/VtdNullRootEntryTable.h> > > #include "IntelVTdPmrPei.h" > > @@ -246,6 +248,51 @@ DisableDmar ( > return EFI_SUCCESS; > } > > +/** > + Enable VTd translation table protection in pre-memory phase. > + > + @param VTdInfo The VTd engine context information. > + @param EngineMask The mask of the VTd engine to be accessed. > + > + @retval EFI_SUCCESS DMAR translation protection is enabled. > + @retval EFI_UNSUPPORTED Null Root Entry Table is not supported. > +**/ > +EFI_STATUS > +PreMemoryEnableVTdTranslationProtection ( > + IN VTD_INFO *VTdInfo, > + IN UINT64 EngineMask > + ) > +{ > + EFI_STATUS Status; > + UINTN Index; > + EDKII_VTD_NULL_ROOT_ENTRY_TABLE_PPI *RootEntryTable; > + > + DEBUG ((DEBUG_INFO, "PreMemoryEnableVTdTranslationProtection - 0x%lx\n", > EngineMask)); > + > + Status = PeiServicesLocatePpi ( > + &gEdkiiVTdNullRootEntryTableGuid, > + 0, > + NULL, > + (VOID **)&RootEntryTable > + ); > + > + if (EFI_ERROR(Status)) { > + DEBUG((DEBUG_ERROR, "Locate NullRootEntryTable Ppi : %r\n", Status)); > + return EFI_UNSUPPORTED; > + } > + > + DEBUG ((DEBUG_INFO, "NullRootEntryTable - 0x%lx\n", *RootEntryTable)); > + > + for (Index = 0; Index < VTdInfo->VTdEngineCount; Index++) { > + if ((EngineMask & LShiftU64(1, Index)) == 0) { > + continue; > + } > + EnableDmar ((UINTN)VTdInfo->VTdEngineAddress[Index], > (UINTN)*RootEntryTable); > + } > + > + return EFI_SUCCESS; > +} > + > /** > Enable VTd translation table protection. > > -- > 2.16.2.windows.1
-=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#64898): https://edk2.groups.io/g/devel/message/64898 Mute This Topic: https://groups.io/mt/76529334/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
