DxeIpl: Add 5 level paging support

Zhiguang Liu Wed, 13 Dec 2023 23:59:45 -0800

Hi MdeModulePkg/UefiPayloadPkg Maintainers,

This patch set fix a potential issue when handling paging table.
Please help review.


Thanks
Zhiguang

> -----Original Message-----
> From: Liu, Zhiguang <zhiguang....@intel.com>
> Sent: Thursday, December 7, 2023 10:39 AM
> To: devel@edk2.groups.io
> Cc: Liu, Zhiguang <zhiguang....@intel.com>; Gao, Liming
> <gaolim...@byosoft.com.cn>; Wu, Jiaxin <jiaxin...@intel.com>; Ni, Ray
> <ray...@intel.com>; Dong, Guo <guo.d...@intel.com>; Rhodes, Sean
> <sean@starlabs.systems>; Lu, James <james...@intel.com>; Guo, Gua
> <gua....@intel.com>
> Subject: [PATCH 1/2] MdeModulePkg/DxeIpl: Add 5 level paging support
> 
> Add 5 level paging support when set the page table memory range as RO to
> protect page table.
> 
> Cc: Liming Gao <gaolim...@byosoft.com.cn>
> Cc: Jiaxin Wu <jiaxin...@intel.com>
> Cc: Ray Ni <ray...@intel.com>
> Cc: Guo Dong <guo.d...@intel.com>
> Cc: Sean Rhodes <sean@starlabs.systems>
> Cc: James Lu <james...@intel.com>
> Cc: Gua Guo <gua....@intel.com>
> Signed-off-by: Zhiguang Liu <zhiguang....@intel.com>
> ---
>  .../Core/DxeIplPeim/Ia32/DxeLoadFunc.c        |  2 +-
>  .../Core/DxeIplPeim/X64/VirtualMemory.c       | 23 ++++++++++++-------
>  .../Core/DxeIplPeim/X64/VirtualMemory.h       |  5 +++-
>  3 files changed, 20 insertions(+), 10 deletions(-)
> 
> diff --git a/MdeModulePkg/Core/DxeIplPeim/Ia32/DxeLoadFunc.c
> b/MdeModulePkg/Core/DxeIplPeim/Ia32/DxeLoadFunc.c
> index 65e9bdc99e..ba871dafc7 100644
> --- a/MdeModulePkg/Core/DxeIplPeim/Ia32/DxeLoadFunc.c
> +++ b/MdeModulePkg/Core/DxeIplPeim/Ia32/DxeLoadFunc.c
> @@ -166,7 +166,7 @@ Create4GPageTablesIa32Pae (
>    // Protect the page table by marking the memory used for page table to be
>    // read-only.
>    //
> -  EnablePageTableProtection ((UINTN)PageMap, FALSE);
> +  EnablePageTableProtection ((UINTN)PageMap, FALSE, FALSE);
> 
>    return (UINTN)PageMap;
>  }
> diff --git a/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c
> b/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c
> index 980c2002d4..1c2e29b132 100644
> --- a/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c
> +++ b/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c
> @@ -486,13 +486,15 @@ Split1GPageTo2M (
>    @param[in] PageTableBase    Base address of page table (CR3).
>    @param[in] Address          Start address of a page to be set as read-only.
>    @param[in] Level4Paging     Level 4 paging flag.
> +  @param[in] Level5Paging     Level 5 paging flag.
> 
>  **/
>  VOID
>  SetPageTablePoolReadOnly (
>    IN  UINTN                 PageTableBase,
>    IN  EFI_PHYSICAL_ADDRESS  Address,
> -  IN  BOOLEAN               Level4Paging
> +  IN  BOOLEAN               Level4Paging,
> +  IN  BOOLEAN               Level5Paging
>    )
>  {
>    UINTN                 Index;
> @@ -502,9 +504,9 @@ SetPageTablePoolReadOnly (
>    UINT64                *PageTable;
>    UINT64                *NewPageTable;
>    UINT64                PageAttr;
> -  UINT64                LevelSize[5];
> -  UINT64                LevelMask[5];
> -  UINTN                 LevelShift[5];
> +  UINT64                LevelSize[6];
> +  UINT64                LevelMask[6];
> +  UINTN                 LevelShift[6];
>    UINTN                 Level;
>    UINT64                PoolUnitSize;
> 
> @@ -521,23 +523,26 @@ SetPageTablePoolReadOnly (
>    LevelShift[2] = PAGING_L2_ADDRESS_SHIFT;
>    LevelShift[3] = PAGING_L3_ADDRESS_SHIFT;
>    LevelShift[4] = PAGING_L4_ADDRESS_SHIFT;
> +  LevelShift[5] = PAGING_L5_ADDRESS_SHIFT;
> 
>    LevelMask[1] = PAGING_4K_ADDRESS_MASK_64;
>    LevelMask[2] = PAGING_2M_ADDRESS_MASK_64;
>    LevelMask[3] = PAGING_1G_ADDRESS_MASK_64;
>    LevelMask[4] = PAGING_1G_ADDRESS_MASK_64;
> +  LevelMask[5] = 0;
> 
>    LevelSize[1] = SIZE_4KB;
>    LevelSize[2] = SIZE_2MB;
>    LevelSize[3] = SIZE_1GB;
>    LevelSize[4] = SIZE_512GB;
> +  LevelSize[5] = SIZE_256TB;
> 
>    AddressEncMask = PcdGet64 (PcdPteMemoryEncryptionAddressOrMask) &
>                     PAGING_1G_ADDRESS_MASK_64;
>    PageTable    = (UINT64 *)(UINTN)PageTableBase;
>    PoolUnitSize = PAGE_TABLE_POOL_UNIT_SIZE;
> 
> -  for (Level = (Level4Paging) ? 4 : 3; Level > 0; --Level) {
> +  for (Level = Level5Paging ? 5 : (Level4Paging ? 4 : 3); Level > 0;
> + --Level) {
>      Index  = ((UINTN)RShiftU64 (Address, LevelShift[Level]));
>      Index &= PAGING_PAE_INDEX_MASK;
> 
> @@ -608,12 +613,14 @@ SetPageTablePoolReadOnly (
> 
>    @param[in] PageTableBase    Base address of page table (CR3).
>    @param[in] Level4Paging     Level 4 paging flag.
> +  @param[in] Level5Paging     Level 5 paging flag.
> 
>  **/
>  VOID
>  EnablePageTableProtection (
>    IN  UINTN    PageTableBase,
> -  IN  BOOLEAN  Level4Paging
> +  IN  BOOLEAN  Level4Paging,
> +  IN  BOOLEAN  Level5Paging
>    )
>  {
>    PAGE_TABLE_POOL       *HeadPool;
> @@ -642,7 +649,7 @@ EnablePageTableProtection (
>      // protection to them one by one.
>      //
>      while (PoolSize > 0) {
> -      SetPageTablePoolReadOnly (PageTableBase, Address, Level4Paging);
> +      SetPageTablePoolReadOnly (PageTableBase, Address, Level4Paging,
> + Level5Paging);
>        Address  += PAGE_TABLE_POOL_UNIT_SIZE;
>        PoolSize -= PAGE_TABLE_POOL_UNIT_SIZE;
>      }
> @@ -959,7 +966,7 @@ CreateIdentityMappingPageTables (
>    // Protect the page table by marking the memory used for page table to be
>    // read-only.
>    //
> -  EnablePageTableProtection ((UINTN)PageMap, TRUE);
> +  EnablePageTableProtection ((UINTN)PageMap, !Page5LevelSupport,
> + Page5LevelSupport);
> 
>    //
>    // Set IA32_EFER.NXE if necessary.
> diff --git a/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.h
> b/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.h
> index 616ebe42b0..f2a5cbec33 100644
> --- a/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.h
> +++ b/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.h
> @@ -157,6 +157,7 @@ typedef union {
>  #define PAGING_L2_ADDRESS_SHIFT  21
>  #define PAGING_L3_ADDRESS_SHIFT  30
>  #define PAGING_L4_ADDRESS_SHIFT  39
> +#define PAGING_L5_ADDRESS_SHIFT  48
> 
>  #define PAGING_PML4E_NUMBER  4
> 
> @@ -294,12 +295,14 @@ IsNullDetectionEnabled (
> 
>    @param[in] PageTableBase    Base address of page table (CR3).
>    @param[in] Level4Paging     Level 4 paging flag.
> +  @param[in] Level5Paging     Level 5 paging flag.
> 
>  **/
>  VOID
>  EnablePageTableProtection (
>    IN  UINTN    PageTableBase,
> -  IN  BOOLEAN  Level4Paging
> +  IN  BOOLEAN  Level4Paging,
> +  IN  BOOLEAN  Level5Paging
>    );
> 
>  /**
> --
> 2.31.1.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#112507): https://edk2.groups.io/g/devel/message/112507
Mute This Topic: https://groups.io/mt/103027553/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH 1/2] MdeModulePkg/DxeIpl: Add 5 level paging support

Reply via email to