From nobody Fri May 17 16:34:19 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+104361+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+104361+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1683627782; cv=none; d=zohomail.com; s=zohoarc; b=i+MN/VmGbP9yxdTNV/xsYj9g6Npv3n9YM81qBwAEtyDmeK4L4S4eSPew5w9dQOcfhmesaiRTY2oxA1Onq3vtycAcwDqVcAaakERvDQBhQAoQ2Qaigc7dP1UIEvaV1GgIaTlRBKXlJ+RDzUlVV4jETo5sqRQnT1ws4bXIPbKCpBs= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1683627782; h=Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:Message-ID:Reply-To:References:Sender:Subject:To; bh=rHIUmOfUz14qxPB/nqnj7CtqQE81GKVZC3Z9Ra8RThs=; b=SxMOAqD3+24cBdZ4IQZ6BIpebj8Qd4Lc2wuC04f1o67ROngCdZucOYzzf7Q7kt+bb+fq/McfPnsBmV3qjqqD7nLjMkyn1tsaughf/ZVHPABHoB0ioQbFaXHyJWhPEtVk1AYlglB/m8nWytXOmapMIy7PwHEtTWV4f9wCt25z+9Q= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+104361+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1683627782342319.87573752952665; Tue, 9 May 2023 03:23:02 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id GTSjYY1788612xlA9bfxRBnY; Tue, 09 May 2023 03:23:01 -0700 X-Received: from mga09.intel.com (mga09.intel.com [134.134.136.24]) by mx.groups.io with SMTP id smtpd.web11.28255.1683627780311432681 for ; Tue, 09 May 2023 03:23:01 -0700 X-IronPort-AV: E=McAfee;i="6600,9927,10704"; a="352058184" X-IronPort-AV: E=Sophos;i="5.99,261,1677571200"; d="scan'208";a="352058184" X-Received: from fmsmga004.fm.intel.com ([10.253.24.48]) by orsmga102.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 09 May 2023 03:23:01 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10704"; a="768454044" X-IronPort-AV: E=Sophos;i="5.99,261,1677571200"; d="scan'208";a="768454044" X-Received: from sh1gapp1009.ccr.corp.intel.com ([10.239.189.219]) by fmsmga004.fm.intel.com with ESMTP; 09 May 2023 03:22:59 -0700 From: "Wu, Jiaxin" To: devel@edk2.groups.io Cc: Eric Dong , Ray Ni , Zeng Star , Gerd Hoffmann , Rahul Kumar Subject: [edk2-devel] [PATCH v1 1/3] UefiCpuPkg/SecCore: Migrate page table to permanent memory Date: Tue, 9 May 2023 18:22:51 +0800 Message-Id: <20230509102253.16632-2-jiaxin.wu@intel.com> In-Reply-To: <20230509102253.16632-1-jiaxin.wu@intel.com> References: <20230509102253.16632-1-jiaxin.wu@intel.com> Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,jiaxin.wu@intel.com X-Gm-Message-State: XO4KkXEA8rUXpxe5tD10Q3Pnx1787277AA= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1683627781; bh=nkaw4oK/dbzrvWcZiBqj77x/q+tPYavLZIFvTESQBio=; h=Cc:Date:From:Reply-To:Subject:To; b=Vh5/d19JlJCpaSpyJ9TrNGjvfeViTC7H/zsyRRLoT5jcJZM6AMSTzS3Gg7B0QB+zIWT LAd9QOpjuY8apQkSr/hub65QzbExWxTD9LlJqhUOZttT6e+0lLWoP4Vb/XoSduNczML1w IylMWAt8dN4lFHZPn1xAsc/GkY5QdLmSIvs= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1683627784556100007 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Background: For arch X64, system will enable the page table in SPI to cover 0-512G range via CR4.PAE & MSR.LME & CR0.PG & CR3 setting (see ResetVector code). Existi= ng code doesn't cover the higher address access above 512G before memory-disco= vered callback. That will be potential problem if system access the higher address after the transition from temporary RAM to permanent MEM RAM. Solution: This patch is to migrate page table to permanent memory to map entire physi= cal address space if CR0.PG is set during temporary RAM Done. Change-Id: I29bdb078ef567ed9455d1328cb007f4f60a617a2 Cc: Eric Dong Cc: Ray Ni Cc: Zeng Star Cc: Gerd Hoffmann Cc: Rahul Kumar Signed-off-by: Jiaxin Wu --- UefiCpuPkg/SecCore/SecCore.inf | 1 + UefiCpuPkg/SecCore/SecCoreNative.inf | 1 + UefiCpuPkg/SecCore/SecMain.c | 164 +++++++++++++++++++++++++++++++= ++++ UefiCpuPkg/SecCore/SecMain.h | 4 + 4 files changed, 170 insertions(+) diff --git a/UefiCpuPkg/SecCore/SecCore.inf b/UefiCpuPkg/SecCore/SecCore.inf index 3758aded3b..cab69b8b97 100644 --- a/UefiCpuPkg/SecCore/SecCore.inf +++ b/UefiCpuPkg/SecCore/SecCore.inf @@ -53,10 +53,11 @@ CpuExceptionHandlerLib ReportStatusCodeLib PeiServicesLib PeiServicesTablePointerLib HobLib + CpuPageTableLib =20 [Ppis] ## SOMETIMES_CONSUMES ## PRODUCES gEfiSecPlatformInformationPpiGuid diff --git a/UefiCpuPkg/SecCore/SecCoreNative.inf b/UefiCpuPkg/SecCore/SecC= oreNative.inf index 1ee6ff7d88..fa241cca94 100644 --- a/UefiCpuPkg/SecCore/SecCoreNative.inf +++ b/UefiCpuPkg/SecCore/SecCoreNative.inf @@ -50,10 +50,11 @@ CpuExceptionHandlerLib ReportStatusCodeLib PeiServicesLib PeiServicesTablePointerLib HobLib + CpuPageTableLib =20 [Ppis] ## SOMETIMES_CONSUMES ## PRODUCES gEfiSecPlatformInformationPpiGuid diff --git a/UefiCpuPkg/SecCore/SecMain.c b/UefiCpuPkg/SecCore/SecMain.c index 95375850ec..d0dc76e804 100644 --- a/UefiCpuPkg/SecCore/SecMain.c +++ b/UefiCpuPkg/SecCore/SecMain.c @@ -70,10 +70,159 @@ MigrateGdt ( AsmWriteGdtr (&Gdtr); =20 return EFI_SUCCESS; } =20 +/** + Migrate page table to permanent memory mapping entire physical address s= pace. + + @retval EFI_SUCCESS The PageTable was migrated successfully. + @retval EFI_UNSUPPORTED Unsupport to migrate page table to perma= nent memory if IA-32e Mode not actived. + @retval EFI_OUT_OF_RESOURCES The PageTable could not be migrated due = to lack of available memory. + +**/ +EFI_STATUS +MigratePageTable ( + VOID + ) +{ + EFI_STATUS Status; + IA32_CR4 Cr4; + BOOLEAN Page5LevelSupport; + UINT32 RegEax; + UINT32 RegEdx; + BOOLEAN Page1GSupport; + PAGING_MODE PagingMode; + + CPUID_VIR_PHY_ADDRESS_SIZE_EAX VirPhyAddressSize; + UINT32 MaxExtendedFunctionId; + + UINTN PageTable; + VOID *Buffer; + UINTN BufferSize; + IA32_MAP_ATTRIBUTE MapAttribute; + IA32_MAP_ATTRIBUTE MapMask; + + VirPhyAddressSize.Uint32 =3D 0; + PageTable =3D 0; + Buffer =3D NULL; + BufferSize =3D 0; + MapAttribute.Uint64 =3D 0; + MapMask.Uint64 =3D MAX_UINT64; + MapAttribute.Bits.Present =3D 1; + MapAttribute.Bits.ReadWrite =3D 1; + + // + // Check CPU runs in 64bit mode or 32bit mode + // + if (sizeof (UINTN) =3D=3D sizeof (UINT32)) { + DEBUG ((DEBUG_WARN, "MigratePageTable: CPU runs in 32bit mode, unsuppo= rt to migrate page table to permanent memory.\n")); + ASSERT (TRUE); + return EFI_UNSUPPORTED; + } + + // + // Check Page5Level Support or not. + // + Cr4.UintN =3D AsmReadCr4 (); + Page5LevelSupport =3D (Cr4.Bits.LA57 ? TRUE : FALSE); + + // + // Check Page1G Support or not. + // + Page1GSupport =3D FALSE; + AsmCpuid (CPUID_EXTENDED_FUNCTION, &RegEax, NULL, NULL, NULL); + if (RegEax >=3D CPUID_EXTENDED_CPU_SIG) { + AsmCpuid (CPUID_EXTENDED_CPU_SIG, NULL, NULL, NULL, &RegEdx); + if ((RegEdx & BIT26) !=3D 0) { + Page1GSupport =3D TRUE; + } + } + + // + // Decide Paging Mode according Page5LevelSupport & Page1GSupport. + // + PagingMode =3D Paging5Level1GB; + if (Page5LevelSupport && !Page1GSupport) { + PagingMode =3D Paging5Level; + } else if (!Page5LevelSupport && Page1GSupport) { + PagingMode =3D Paging4Level1GB; + } else if (!Page5LevelSupport && !Page1GSupport) { + PagingMode =3D Paging4Level; + } + + DEBUG ((DEBUG_INFO, "MigratePageTable: PagingMode =3D 0x%lx\n", (UINTN) = PagingMode)); + + // + // Get Maximum Physical Address Bits + // Get the number of address lines; Maximum Physical Address is 2^Physic= alAddressBits - 1. + // If CPUID does not supported, then use a max value of 36 as per SDM 3A= , 4.1.4. + // + AsmCpuid (CPUID_EXTENDED_FUNCTION, &MaxExtendedFunctionId, NULL, NULL, N= ULL); + if (MaxExtendedFunctionId >=3D CPUID_VIR_PHY_ADDRESS_SIZE) { + AsmCpuid (CPUID_VIR_PHY_ADDRESS_SIZE, &VirPhyAddressSize.Uint32, NULL,= NULL, NULL); + } else { + VirPhyAddressSize.Bits.PhysicalAddressBits =3D 36; + } + + if (PagingMode =3D=3D Paging4Level1GB || PagingMode =3D=3D Paging4Level)= { + // + // The max lineaddress bits is 48 for 4 level page table. + // + VirPhyAddressSize.Bits.PhysicalAddressBits =3D MIN (VirPhyAddressSize.= Bits.PhysicalAddressBits, 48); + } + + DEBUG ((DEBUG_INFO, "MigratePageTable: Maximum Physical Address Bits =3D= %d\n", VirPhyAddressSize.Bits.PhysicalAddressBits)); + + // + // Get required buffer size for the pagetable that will be created. + // + Status =3D PageTableMap (&PageTable, PagingMode, 0, &BufferSize, 0, LShi= ftU64 (1, VirPhyAddressSize.Bits.PhysicalAddressBits), &MapAttribute, &MapM= ask, NULL); + ASSERT (Status =3D=3D EFI_BUFFER_TOO_SMALL); + if (Status !=3D EFI_BUFFER_TOO_SMALL) { + DEBUG ((DEBUG_ERROR, "MigratePageTable: Failed to get PageTable requir= ed BufferSize, Status =3D %r\n", Status)); + return Status; + } + + DEBUG ((DEBUG_INFO, "MigratePageTable: Get PageTable required BufferSize= =3D %x\n", BufferSize)); + + // + // Allocate required Buffer. + // + Status =3D PeiServicesAllocatePages ( + EfiBootServicesData, + EFI_SIZE_TO_PAGES (BufferSize), + &((EFI_PHYSICAL_ADDRESS) Buffer) + ); + ASSERT (Buffer !=3D NULL); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "MigratePageTable: Failed to allocate PageTable r= equired BufferSize, Status =3D %r\n", Status)); + return EFI_OUT_OF_RESOURCES; + } + + // + // Create PageTable in permanent memory. + // + Status =3D PageTableMap (&PageTable, PagingMode, Buffer, &BufferSize, 0,= LShiftU64 (1, VirPhyAddressSize.Bits.PhysicalAddressBits), &MapAttribute, = &MapMask, NULL); + ASSERT (!EFI_ERROR (Status) && PageTable !=3D 0); + if (EFI_ERROR (Status) || PageTable =3D=3D 0) { + DEBUG ((DEBUG_ERROR, "MigratePageTable: Failed to create PageTable, St= atus =3D %r, PageTable =3D 0x%lx\n", Status, PageTable)); + return EFI_OUT_OF_RESOURCES; + } + + DEBUG ((DEBUG_INFO, "MigratePageTable: Create PageTable =3D 0x%lx\n", Pa= geTable)); + + // + // Write the Pagetable to CR3. + // + AsmWriteCr3 (PageTable); + + DEBUG ((DEBUG_INFO, "MigratePageTable: Write the Pagetable to CR3 Sucess= fully.\n")); + + return Status; +} + // // These are IDT entries pointing to 10:FFFFFFE4h. // UINT64 mIdtEntryTemplate =3D 0xffff8e000010ffe4ULL; =20 @@ -492,10 +641,25 @@ SecTemporaryRamDone ( if (PcdGetBool (PcdMigrateTemporaryRamFirmwareVolumes)) { Status =3D MigrateGdt (); ASSERT_EFI_ERROR (Status); } =20 + // + // Migrate page table to permanent memory mapping entire physical addres= s space if CR0.PG is set. + // + if ((AsmReadCr0 () & BIT31) !=3D 0) { + // + // CR4.PAE must be enabled. + // + ASSERT ((AsmReadCr4 () & BIT5) !=3D 0); + Status =3D MigratePageTable (); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_WARN, "SecTemporaryRamDone: Failed to migrate page tab= le to permanent memory: %r.\n", Status)); + ASSERT_EFI_ERROR (Status); + } + } + // // Disable Temporary RAM after Stack and Heap have been migrated at this= point. // SecPlatformDisableTemporaryMemory (); =20 diff --git a/UefiCpuPkg/SecCore/SecMain.h b/UefiCpuPkg/SecCore/SecMain.h index 880e6cd1b8..b50d96e45b 100644 --- a/UefiCpuPkg/SecCore/SecMain.h +++ b/UefiCpuPkg/SecCore/SecMain.h @@ -17,10 +17,11 @@ #include #include =20 #include =20 +#include #include #include #include #include #include @@ -30,10 +31,13 @@ #include #include #include #include #include +#include +#include +#include =20 #define SEC_IDT_ENTRY_COUNT 34 =20 typedef struct _SEC_IDT_TABLE { // --=20 2.16.2.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#104361): https://edk2.groups.io/g/devel/message/104361 Mute This Topic: https://groups.io/mt/98780500/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri May 17 16:34:19 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+104362+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+104362+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1683627785; cv=none; d=zohomail.com; s=zohoarc; b=futCoI05fVXYziwB5djGLQ02O3YxjwRF7xnk9AJxgloOiYpQqiZ2RLMkRTymXrS2qgj1gAeFpe+7ai9ChYvMJ72KcNqCjhAwcfuuDOMk2rkS9kVhFUGldc5y9F6tHAgNpn9IDn8I41ZoIZTwpuXtdD6uFC1M5+h2Q3oqCBTybrU= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1683627785; h=Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:Message-ID:Reply-To:References:Sender:Subject:To; bh=7irtlTti7scyZswDmW9ga3gEp3DtA8v6eeQ8MtZwPtI=; b=O7LsC9cFim4mWv8bWD3h+2+iODH7mbsYEdwkdijjoJdMih2jCfiPWJcdW/VcLiLWXe+wNeJGRNTC+4WjpGKuYSOawpJOnbte60fgRYm5IFs1PWeCmaNfdNT/iaQewwyheccXn4fuMawMxUWyGGwwsj0XpBa6A3f8tqdMnYNZxK0= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+104362+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 168362778527419.439780161510612; Tue, 9 May 2023 03:23:05 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id dmpvYY1788612xauL22QqCuI; Tue, 09 May 2023 03:23:04 -0700 X-Received: from mga09.intel.com (mga09.intel.com [134.134.136.24]) by mx.groups.io with SMTP id smtpd.web11.28255.1683627780311432681 for ; Tue, 09 May 2023 03:23:04 -0700 X-IronPort-AV: E=McAfee;i="6600,9927,10704"; a="352058205" X-IronPort-AV: E=Sophos;i="5.99,261,1677571200"; d="scan'208";a="352058205" X-Received: from fmsmga004.fm.intel.com ([10.253.24.48]) by orsmga102.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 09 May 2023 03:23:03 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10704"; a="768454102" X-IronPort-AV: E=Sophos;i="5.99,261,1677571200"; d="scan'208";a="768454102" X-Received: from sh1gapp1009.ccr.corp.intel.com ([10.239.189.219]) by fmsmga004.fm.intel.com with ESMTP; 09 May 2023 03:23:01 -0700 From: "Wu, Jiaxin" To: devel@edk2.groups.io Cc: Eric Dong , Ray Ni , Zeng Star , Gerd Hoffmann , Rahul Kumar Subject: [edk2-devel] [PATCH v1 2/3] UefiCpuPkg/CpuMpPei: Enable PAE page table if CR0.PG is not set Date: Tue, 9 May 2023 18:22:52 +0800 Message-Id: <20230509102253.16632-3-jiaxin.wu@intel.com> In-Reply-To: <20230509102253.16632-1-jiaxin.wu@intel.com> References: <20230509102253.16632-1-jiaxin.wu@intel.com> Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,jiaxin.wu@intel.com X-Gm-Message-State: 5HbzOLCi9Jcoql3dDmZ0XiMox1787277AA= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1683627784; bh=8KPfQ0cu0iXorOdRraQkw7IvW9ASG+CWeJ+GDnN5xEo=; h=Cc:Date:From:Reply-To:Subject:To; b=rZdwDKXHAENQMq3t+SZxIzUP7/jCWdnhvjat4tsXNnT5jflNiu40bLGz7iVq01ekCCu XMlkRcGAssUPuAXBJtMWMHdCAFxyDD5UJvMG4tfN0TR12WKOQso9TKGIkslvoOesP86JW ku21TGhELSnDv7F3nTZO9nBFxQQeUPFm4JQ= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1683627786970100011 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Some security features depends on the page table enabling. So, This patch is to enable the page table if page table has not been enabled during the transition from Temporary RAM to Permanent RAM. Note: If page table is not enabled before this point, which means the system IA-32e Mode is not activated. Because on Intel 64 processors, IA-32e Mode operation requires physical address extensions with 4 or 5 levels of enhanc= ed paging structures (see Section 4.5, "4 - Level Paging and 5 -Level Paging" and Section 9.8, "Initializing IA-32e Mode"). So, just enable PAE page table if CR0.PG is not set. Change-Id: Ibfbfdace1fe7e29ab94463629d8d2f539a43f1b9 Cc: Eric Dong Cc: Ray Ni Cc: Zeng Star Cc: Gerd Hoffmann Cc: Rahul Kumar Signed-off-by: Jiaxin Wu --- UefiCpuPkg/CpuMpPei/CpuMpPei.h | 1 + UefiCpuPkg/CpuMpPei/CpuMpPei.inf | 1 + UefiCpuPkg/CpuMpPei/CpuPaging.c | 228 +++++++++++++++++------------------= ---- 3 files changed, 102 insertions(+), 128 deletions(-) diff --git a/UefiCpuPkg/CpuMpPei/CpuMpPei.h b/UefiCpuPkg/CpuMpPei/CpuMpPei.h index 0649c48d14..1b9a94e18f 100644 --- a/UefiCpuPkg/CpuMpPei/CpuMpPei.h +++ b/UefiCpuPkg/CpuMpPei/CpuMpPei.h @@ -26,10 +26,11 @@ #include #include #include #include #include +#include =20 extern EFI_PEI_PPI_DESCRIPTOR mPeiCpuMpPpiDesc; =20 /** This service retrieves the number of logical processor in the platform diff --git a/UefiCpuPkg/CpuMpPei/CpuMpPei.inf b/UefiCpuPkg/CpuMpPei/CpuMpPe= i.inf index 7444bdb968..865be5627e 100644 --- a/UefiCpuPkg/CpuMpPei/CpuMpPei.inf +++ b/UefiCpuPkg/CpuMpPei/CpuMpPei.inf @@ -44,10 +44,11 @@ CpuExceptionHandlerLib MpInitLib BaseMemoryLib CpuLib MemoryAllocationLib + CpuPageTableLib =20 [Guids] gEdkiiMigratedFvInfoGuid ## = SOMETIMES_CONSUMES ## HOB =20 [Ppis] diff --git a/UefiCpuPkg/CpuMpPei/CpuPaging.c b/UefiCpuPkg/CpuMpPei/CpuPagin= g.c index a471f089c8..6c113051fe 100644 --- a/UefiCpuPkg/CpuMpPei/CpuPaging.c +++ b/UefiCpuPkg/CpuMpPei/CpuPaging.c @@ -115,42 +115,10 @@ AllocatePageTableMemory ( } =20 return Address; } =20 -/** - Get the address width supported by current processor. - - @retval 32 If processor is in 32-bit mode. - @retval 36-48 If processor is in 64-bit mode. - -**/ -UINTN -GetPhysicalAddressWidth ( - VOID - ) -{ - UINT32 RegEax; - - if (sizeof (UINTN) =3D=3D 4) { - return 32; - } - - AsmCpuid (CPUID_EXTENDED_FUNCTION, &RegEax, NULL, NULL, NULL); - if (RegEax >=3D CPUID_VIR_PHY_ADDRESS_SIZE) { - AsmCpuid (CPUID_VIR_PHY_ADDRESS_SIZE, &RegEax, NULL, NULL, NULL); - RegEax &=3D 0xFF; - if (RegEax > 48) { - return 48; - } - - return (UINTN)RegEax; - } - - return 36; -} - /** Get the type of top level page table. =20 @retval Page512G PML4 paging. @retval Page1G PAE paging. @@ -381,120 +349,93 @@ ConvertMemoryPageAttributes ( =20 return RETURN_SUCCESS; } =20 /** - Get maximum size of page memory supported by current processor. - - @param[in] TopLevelType The type of top level page entry. + Enable PAE Page Table. =20 - @retval Page1G If processor supports 1G page and PML4. - @retval Page2M For all other situations. + @retval EFI_SUCCESS The PAE Page Table was enabled successfu= lly. + @retval EFI_OUT_OF_RESOURCES The PAE Page Table could not be enabled = due to lack of available memory. =20 **/ -PAGE_ATTRIBUTE -GetMaxMemoryPage ( - IN PAGE_ATTRIBUTE TopLevelType - ) -{ - UINT32 RegEax; - UINT32 RegEdx; - - if (TopLevelType =3D=3D Page512G) { - AsmCpuid (CPUID_EXTENDED_FUNCTION, &RegEax, NULL, NULL, NULL); - if (RegEax >=3D CPUID_EXTENDED_CPU_SIG) { - AsmCpuid (CPUID_EXTENDED_CPU_SIG, NULL, NULL, NULL, &RegEdx); - if ((RegEdx & BIT26) !=3D 0) { - return Page1G; - } - } - } - - return Page2M; -} - -/** - Create PML4 or PAE page table. - - @return The address of page table. - -**/ -UINTN -CreatePageTable ( +EFI_STATUS +EnablePaePageTable ( VOID ) { - RETURN_STATUS Status; - UINTN PhysicalAddressBits; - UINTN NumberOfEntries; - PAGE_ATTRIBUTE TopLevelPageAttr; - UINTN PageTable; - PAGE_ATTRIBUTE MaxMemoryPage; - UINTN Index; - UINT64 AddressEncMask; - UINT64 *PageEntry; - EFI_PHYSICAL_ADDRESS PhysicalAddress; - - TopLevelPageAttr =3D (PAGE_ATTRIBUTE)GetPageTableTopLevelType (); - PhysicalAddressBits =3D GetPhysicalAddressWidth (); - NumberOfEntries =3D (UINTN)1 << (PhysicalAddressBits - - mPageAttributeTable[TopLevelPageAttr]= .AddressBitOffset); + EFI_STATUS Status; + PAGING_MODE PagingMode; + + UINTN PageTable; + VOID *Buffer; + UINTN BufferSize; + IA32_MAP_ATTRIBUTE MapAttribute; + IA32_MAP_ATTRIBUTE MapMask; + + PagingMode =3D PagingPae; + PageTable =3D 0; + Buffer =3D NULL; + BufferSize =3D 0; + MapAttribute.Uint64 =3D 0; + MapMask.Uint64 =3D MAX_UINT64; + MapAttribute.Bits.Present =3D 1; + MapAttribute.Bits.ReadWrite =3D 1; =20 - PageTable =3D (UINTN)AllocatePageTableMemory (1); - if (PageTable =3D=3D 0) { - return 0; + // + // Get required buffer size for the pagetable that will be created. + // The Max size of LinearAddress for PAE is 2^32. + // + Status =3D PageTableMap (&PageTable, PagingMode, 0, &BufferSize, 0, LShi= ftU64 (1, 32), &MapAttribute, &MapMask, NULL); + ASSERT (Status =3D=3D EFI_BUFFER_TOO_SMALL); + if (Status !=3D EFI_BUFFER_TOO_SMALL) { + DEBUG ((DEBUG_ERROR, "EnablePaePageTable: Failed to get PageTable requ= ired BufferSize, Status =3D %r\n", Status)); + return Status; } =20 - AddressEncMask =3D PcdGet64 (PcdPteMemoryEncryptionAddressOrMask); - AddressEncMask &=3D mPageAttributeTable[TopLevelPageAttr].AddressMask; - MaxMemoryPage =3D GetMaxMemoryPage (TopLevelPageAttr); - PageEntry =3D (UINT64 *)PageTable; + DEBUG ((DEBUG_INFO, "EnablePaePageTable: Get PageTable required BufferSi= ze =3D %x\n", BufferSize)); + + // + // Allocate required Buffer. + // + Buffer =3D AllocatePageTableMemory (EFI_SIZE_TO_PAGES (BufferSize)); + ASSERT (Buffer !=3D NULL); + if (Buffer =3D=3D NULL) { + DEBUG ((DEBUG_ERROR, "EnablePaePageTable: Failed to allocate PageTable= required BufferSize!\n")); + return EFI_OUT_OF_RESOURCES; + } =20 - PhysicalAddress =3D 0; - for (Index =3D 0; Index < NumberOfEntries; ++Index) { - *PageEntry =3D PhysicalAddress | AddressEncMask | PAGE_ATTRIBUTE_BITS; + // + // Create PageTable in permanent memory. + // The Max size of LinearAddress for PAE is 2^32. + // + Status =3D PageTableMap (&PageTable, PagingMode, Buffer, &BufferSize, 0,= LShiftU64 (1, 32), &MapAttribute, &MapMask, NULL); + ASSERT (!EFI_ERROR (Status) && PageTable !=3D 0); + if (EFI_ERROR (Status) || PageTable =3D=3D 0) { + DEBUG ((DEBUG_ERROR, "EnablePaePageTable: Failed to create PageTable, = Status =3D %r, PageTable =3D 0x%lx\n", Status, PageTable)); + return EFI_OUT_OF_RESOURCES; + } =20 - // - // Split the top page table down to the maximum page size supported - // - if (MaxMemoryPage < TopLevelPageAttr) { - Status =3D SplitPage (PageEntry, TopLevelPageAttr, MaxMemoryPage, TR= UE); - ASSERT_EFI_ERROR (Status); - } + DEBUG ((DEBUG_INFO, "EnablePaePageTable: Create PageTable =3D 0x%x\n", P= ageTable)); =20 - if (TopLevelPageAttr =3D=3D Page1G) { - // - // PDPTE[2:1] (PAE Paging) must be 0. SplitPage() might change them = to 1. - // - *PageEntry &=3D ~(UINT64)(IA32_PG_RW | IA32_PG_U); - } + // + // Write the Pagetable to CR3. + // + AsmWriteCr3 (PageTable); =20 - PageEntry +=3D 1; - PhysicalAddress +=3D mPageAttributeTable[TopLevelPageAttr].Length; - } + // + // Enable CR4.PAE + // + AsmWriteCr4 (AsmReadCr4 () | BIT5); =20 - return PageTable; -} + // + // Enable CR0.PG + // + AsmWriteCr0 (AsmReadCr0 () | BIT31); =20 -/** - Setup page tables and make them work. + DEBUG ((DEBUG_INFO, "EnablePaePageTable: Enabled PAE PageTable Sucessful= ly.\n")); =20 -**/ -VOID -EnablePaging ( - VOID - ) -{ - UINTN PageTable; - - PageTable =3D CreatePageTable (); - ASSERT (PageTable !=3D 0); - if (PageTable !=3D 0) { - AsmWriteCr3 (PageTable); - AsmWriteCr4 (AsmReadCr4 () | BIT5); // CR4.PAE - AsmWriteCr0 (AsmReadCr0 () | BIT31); // CR0.PG - } + return Status; } =20 /** Get the base address of current AP's stack. =20 @@ -622,10 +563,11 @@ MemoryDiscoveredPpiNotifyCallback ( { EFI_STATUS Status; BOOLEAN InitStackGuard; EDKII_MIGRATED_FV_INFO *MigratedFvInfo; EFI_PEI_HOB_POINTERS Hob; + MSR_IA32_EFER_REGISTER MsrEfer; =20 // // Paging must be setup first. Otherwise the exception TSS setup during = MP // initialization later will not contain paging information and then fail // the task switch (for the sake of stack switch). @@ -635,12 +577,42 @@ MemoryDiscoveredPpiNotifyCallback ( if (IsIa32PaeSupported ()) { Hob.Raw =3D GetFirstGuidHob (&gEdkiiMigratedFvInfoGuid); InitStackGuard =3D PcdGetBool (PcdCpuStackGuard); } =20 - if (InitStackGuard || (Hob.Raw !=3D NULL)) { - EnablePaging (); + // + // Some security features depends on the page table enabling.So, here + // is to enable the page table if page table has not been enabled yet. + // If page table is not enabled before this point, which means the system + // IA-32e Mode is not activated.Because on Intel 64 processors, IA-32e M= ode + // operation requires physical address extensions with 4 or 5 levels of + // enhanced paging structures (see Section 4.5, "4 - Level Paging and 5 - + // Level Paging" and Section 9.8, "Initializing IA-32e Mode"). So, just + // enable PAE page table if CR0.PG is not set. + // + if (((AsmReadCr0 () & BIT31) =3D=3D 0) && (InitStackGuard || (Hob.Raw != =3D NULL))) { + // + // Check CPU runs in 32bit mode. + // + MsrEfer.Uint64 =3D AsmReadMsr64 (MSR_CORE_IA32_EFER); + if (MsrEfer.Bits.LMA =3D=3D 1) { + // + // On Intel 64 processors, IA-32e Mode operation requires physical -= address extensions with + // 4 or 5 levels of enhanced paging structures (see Section 4.5, "4 = - Level Paging and + // 5 - Level Paging" and Section 9.8, "Initializing IA-32e Mode"). S= o, it must something wrong + // if MsrEfer.Bits.LMA =3D=3D 1 with no page table enbaled before. + // + DEBUG ((DEBUG_ERROR, "MemoryDiscoveredPpiNotifyCallback: No page tab= le with IA-32e Mode actived!\n")); + ASSERT (MsrEfer.Bits.LMA =3D=3D 0); + return EFI_DEVICE_ERROR; + } + + Status =3D EnablePaePageTable (); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_WARN, "MemoryDiscoveredPpiNotifyCallback: Failed to en= able PAE page table: %r.\n", Status)); + ASSERT_EFI_ERROR (Status); + } } =20 Status =3D InitializeCpuMpWorker ((CONST EFI_PEI_SERVICES **)PeiServices= ); ASSERT_EFI_ERROR (Status); =20 --=20 2.16.2.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#104362): https://edk2.groups.io/g/devel/message/104362 Mute This Topic: https://groups.io/mt/98780501/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri May 17 16:34:19 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+104363+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+104363+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1683627787; cv=none; d=zohomail.com; s=zohoarc; b=kiFeKpb/tCwDN/j/M8oMV8RnwsvIWpeXBd7BcgH2EYgLqhf0YyrJtWf+52GPR5xeJ4Di5Mv/lTxyumOMGAUdzxMynZZH2WcH8nQbwGys8FAvn1QH9Tlga2fHYTq3rWMsXHHLkTxseIlxbcoyp85gOFKsGO09GMfWyih1dCq1BKo= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1683627787; h=Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:Message-ID:Reply-To:References:Sender:Subject:To; bh=o5vwgaKBhf5KI+sxxwMk29za5KmqdapeXSlBrlm4eS8=; b=NQ267k+ghd/7ZIsBM3npgK1NrQYCDZaBsqR62OtuwID7OxWCB5XmZrk2clgwlMNocqFf3H3KPjuCrdGNIYwR17y6c3zBYRZE/orWNoZ2tBdTByaoffXj0BaO1rfJS0srnxymg/i/xhJEkx6JL4jIu67zWAs1jXWkvH8kdrwr9P0= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+104363+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1683627787873467.2693841502396; Tue, 9 May 2023 03:23:07 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id Q5xdYY1788612xlOifY9NhS4; Tue, 09 May 2023 03:23:07 -0700 X-Received: from mga09.intel.com (mga09.intel.com [134.134.136.24]) by mx.groups.io with SMTP id smtpd.web11.28255.1683627780311432681 for ; Tue, 09 May 2023 03:23:07 -0700 X-IronPort-AV: E=McAfee;i="6600,9927,10704"; a="352058228" X-IronPort-AV: E=Sophos;i="5.99,261,1677571200"; d="scan'208";a="352058228" X-Received: from fmsmga004.fm.intel.com ([10.253.24.48]) by orsmga102.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 09 May 2023 03:23:05 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10704"; a="768454187" X-IronPort-AV: E=Sophos;i="5.99,261,1677571200"; d="scan'208";a="768454187" X-Received: from sh1gapp1009.ccr.corp.intel.com ([10.239.189.219]) by fmsmga004.fm.intel.com with ESMTP; 09 May 2023 03:23:03 -0700 From: "Wu, Jiaxin" To: devel@edk2.groups.io Cc: Dandan Bi , Liming Gao , Eric Dong , Ray Ni , Zeng Star , Gerd Hoffmann , Rahul Kumar Subject: [edk2-devel] [PATCH v1 3/3] MdeModulePkg/DxeIpl: Align Page table Level setting with previous level. Date: Tue, 9 May 2023 18:22:53 +0800 Message-Id: <20230509102253.16632-4-jiaxin.wu@intel.com> In-Reply-To: <20230509102253.16632-1-jiaxin.wu@intel.com> References: <20230509102253.16632-1-jiaxin.wu@intel.com> Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,jiaxin.wu@intel.com X-Gm-Message-State: mDKdylltU84S08Wm4eEP4bZtx1787277AA= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1683627787; bh=PNJeeOblpRTyzmmVfjED8cE1lgy9TrQSNVRX2CheXxk=; h=Cc:Date:From:Reply-To:Subject:To; b=pl+aCnSWWFLaAPMyWUNsn4ZfCePCgaqXxIGdgWtGgeedR8j/PB6lmNloxBr93Psrgf1 J73TVqKypW+dpqqbQjK6/kPBLhlUoqQ4rM052OJSiAYVxgQzFi9sSRKa6hjAjTXGjFX0k S6OtkTiopQiLhnVaQSObQe55T4gfAME+86E= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1683627788909100013 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" System paging 5 level enabled or not can be checked via CR4.LA57, system preferred Page table Level (PcdUse5LevelPageTable) must align with previous level for X64 mode. This patch is to do the wise check: If X64, Page table Level setting in PcdUse5LevelPageTable must align with previous level. If IA32, Page table Level is decided by PcdUse5LevelPageTable and feature capability. Change-Id: Ia7f7e365c7354cc49f971209bfcbc5af5aded062 Cc: Dandan Bi Cc: Liming Gao Cc: Eric Dong Cc: Ray Ni Cc: Zeng Star Cc: Gerd Hoffmann Cc: Rahul Kumar Signed-off-by: Jiaxin Wu --- MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c | 39 ++++++++++++++++----= ---- 1 file changed, 27 insertions(+), 12 deletions(-) diff --git a/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c b/MdeModulePk= g/Core/DxeIplPeim/X64/VirtualMemory.c index 18b121d768..301e200cd8 100644 --- a/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c +++ b/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c @@ -737,22 +737,37 @@ CreateIdentityMappingPageTables ( } else { PhysicalAddressBits =3D 36; } } =20 - Page5LevelSupport =3D FALSE; - if (PcdGetBool (PcdUse5LevelPageTable)) { - AsmCpuidEx ( - CPUID_STRUCTURED_EXTENDED_FEATURE_FLAGS, - CPUID_STRUCTURED_EXTENDED_FEATURE_FLAGS_SUB_LEAF_INFO, - NULL, - NULL, - &EcxFlags.Uint32, - NULL - ); - if (EcxFlags.Bits.FiveLevelPage !=3D 0) { - Page5LevelSupport =3D TRUE; + // + // Check run in X64 or IA32 + // + if (sizeof (UINTN) =3D=3D sizeof (UINT64)) { + // + // If X64, Page table Level must align with previous level. + // + Cr4.UintN =3D AsmReadCr4 (); + Page5LevelSupport =3D Cr4.Bits.LA57 ? TRUE : FALSE; + ASSERT (PcdGetBool (PcdUse5LevelPageTable) =3D=3D Page5LevelSupport); + } else { + // + // If IA32, Page table Level is decided by PCD and feature capbility. + // + Page5LevelSupport =3D FALSE; + if (PcdGetBool (PcdUse5LevelPageTable)) { + AsmCpuidEx ( + CPUID_STRUCTURED_EXTENDED_FEATURE_FLAGS, + CPUID_STRUCTURED_EXTENDED_FEATURE_FLAGS_SUB_LEAF_INFO, + NULL, + NULL, + &EcxFlags.Uint32, + NULL + ); + if (EcxFlags.Bits.FiveLevelPage !=3D 0) { + Page5LevelSupport =3D TRUE; + } } } =20 DEBUG ((DEBUG_INFO, "AddressBits=3D%u 5LevelPaging=3D%u 1GPage=3D%u\n", = PhysicalAddressBits, Page5LevelSupport, Page1GSupport)); =20 --=20 2.16.2.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#104363): https://edk2.groups.io/g/devel/message/104363 Mute This Topic: https://groups.io/mt/98780503/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-