:p
atchew
Login
For arch X64, system will enable the page table in SPI to cover 0-512G range via CR4.PAE & MSR.LME & CR0.PG & CR3 setting. Existing code doesn't cover the higher address access above 512G before memory-discovered callback. This series patches provide the solution to enable paging from temporary RAM Done. Jiaxin Wu (5): UefiCpuPkg/SecCore: Migrate page table to permanent memory UefiCpuPkg/CpuMpPei: Enable PAE page table if CR0.PG is not set MdeModulePkg/DxeIpl: Align Page table Level setting with previous level. OvmfPkg: Add CpuPageTableLib required by SecCore & CpuMpPei UefiPayloadPkg: Add CpuPageTableLib required by SecCore & CpuMpPei MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c | 39 ++-- OvmfPkg/AmdSev/AmdSevX64.dsc | 2 +- OvmfPkg/CloudHv/CloudHvX64.dsc | 2 +- OvmfPkg/IntelTdx/IntelTdxX64.dsc | 3 +- OvmfPkg/Microvm/MicrovmX64.dsc | 2 +- OvmfPkg/OvmfPkgIa32.dsc | 1 + OvmfPkg/OvmfPkgIa32X64.dsc | 2 +- OvmfPkg/OvmfPkgX64.dsc | 3 +- OvmfPkg/OvmfXen.dsc | 2 +- UefiCpuPkg/CpuMpPei/CpuMpPei.h | 1 + UefiCpuPkg/CpuMpPei/CpuMpPei.inf | 1 + UefiCpuPkg/CpuMpPei/CpuPaging.c | 215 +++++++++-------------- UefiCpuPkg/SecCore/SecCore.inf | 1 + UefiCpuPkg/SecCore/SecCoreNative.inf | 1 + UefiCpuPkg/SecCore/SecMain.c | 152 ++++++++++++++++ UefiCpuPkg/SecCore/SecMain.h | 4 + UefiPayloadPkg/UefiPayloadPkg.dsc | 2 +- 17 files changed, 282 insertions(+), 151 deletions(-) -- 2.16.2.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#104758): https://edk2.groups.io/g/devel/message/104758 Mute This Topic: https://groups.io/mt/98843217/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=-=-=-=-=-=-=-=-=-=-=-
Background: For arch X64, system will enable the page table in SPI to cover 0-512G range via CR4.PAE & MSR.LME & CR0.PG & CR3 setting (see ResetVector code). Existing code doesn't cover the higher address access above 512G before memory-discovered callback. That will be potential problem if system access the higher address after the transition from temporary RAM to permanent MEM RAM. Solution: This patch is to migrate page table to permanent memory to map entire physical address space if CR0.PG is set during temporary RAM Done. Cc: Eric Dong <eric.dong@intel.com> Cc: Ray Ni <ray.ni@intel.com> Cc: Zeng Star <star.zeng@intel.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Cc: Rahul Kumar <rahul1.kumar@intel.com> Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com> --- UefiCpuPkg/SecCore/SecCore.inf | 1 + UefiCpuPkg/SecCore/SecCoreNative.inf | 1 + UefiCpuPkg/SecCore/SecMain.c | 152 +++++++++++++++++++++++++++++++++++ UefiCpuPkg/SecCore/SecMain.h | 4 + 4 files changed, 158 insertions(+) diff --git a/UefiCpuPkg/SecCore/SecCore.inf b/UefiCpuPkg/SecCore/SecCore.inf index XXXXXXX..XXXXXXX 100644 --- a/UefiCpuPkg/SecCore/SecCore.inf +++ b/UefiCpuPkg/SecCore/SecCore.inf @@ -XXX,XX +XXX,XX @@ CpuExceptionHandlerLib ReportStatusCodeLib PeiServicesLib PeiServicesTablePointerLib HobLib + CpuPageTableLib [Ppis] ## SOMETIMES_CONSUMES ## PRODUCES gEfiSecPlatformInformationPpiGuid diff --git a/UefiCpuPkg/SecCore/SecCoreNative.inf b/UefiCpuPkg/SecCore/SecCoreNative.inf index XXXXXXX..XXXXXXX 100644 --- a/UefiCpuPkg/SecCore/SecCoreNative.inf +++ b/UefiCpuPkg/SecCore/SecCoreNative.inf @@ -XXX,XX +XXX,XX @@ CpuExceptionHandlerLib ReportStatusCodeLib PeiServicesLib PeiServicesTablePointerLib HobLib + CpuPageTableLib [Ppis] ## SOMETIMES_CONSUMES ## PRODUCES gEfiSecPlatformInformationPpiGuid diff --git a/UefiCpuPkg/SecCore/SecMain.c b/UefiCpuPkg/SecCore/SecMain.c index XXXXXXX..XXXXXXX 100644 --- a/UefiCpuPkg/SecCore/SecMain.c +++ b/UefiCpuPkg/SecCore/SecMain.c @@ -XXX,XX +XXX,XX @@ MigrateGdt ( AsmWriteGdtr (&Gdtr); return EFI_SUCCESS; } +/** + Migrate page table to permanent memory mapping entire physical address space. + + @retval EFI_SUCCESS The PageTable was migrated successfully. + @retval EFI_UNSUPPORTED Unsupport to migrate page table to permanent memory if IA-32e Mode not actived. + @retval EFI_OUT_OF_RESOURCES The PageTable could not be migrated due to lack of available memory. + +**/ +EFI_STATUS +MigratePageTable ( + VOID + ) +{ + EFI_STATUS Status; + IA32_CR4 Cr4; + BOOLEAN Page5LevelSupport; + UINT32 RegEax; + CPUID_EXTENDED_CPU_SIG_EDX RegEdx; + BOOLEAN Page1GSupport; + PAGING_MODE PagingMode; + CPUID_VIR_PHY_ADDRESS_SIZE_EAX VirPhyAddressSize; + UINT32 MaxExtendedFunctionId; + UINTN PageTable; + EFI_PHYSICAL_ADDRESS Buffer; + UINTN BufferSize; + IA32_MAP_ATTRIBUTE MapAttribute; + IA32_MAP_ATTRIBUTE MapMask; + + VirPhyAddressSize.Uint32 = 0; + PageTable = 0; + BufferSize = 0; + MapAttribute.Uint64 = 0; + MapMask.Uint64 = MAX_UINT64; + MapAttribute.Bits.Present = 1; + MapAttribute.Bits.ReadWrite = 1; + + // + // Check Page5Level Support or not. + // + Cr4.UintN = AsmReadCr4 (); + Page5LevelSupport = (Cr4.Bits.LA57 ? TRUE : FALSE); + + // + // Check Page1G Support or not. + // + Page1GSupport = FALSE; + AsmCpuid (CPUID_EXTENDED_FUNCTION, &RegEax, NULL, NULL, NULL); + if (RegEax >= CPUID_EXTENDED_CPU_SIG) { + AsmCpuid (CPUID_EXTENDED_CPU_SIG, NULL, NULL, NULL, &(RegEdx.Uint32)); + if ((RegEdx.Bits.Page1GB) != 0) { + Page1GSupport = TRUE; + } + } + + // + // Decide Paging Mode according Page5LevelSupport & Page1GSupport. + // + if (Page5LevelSupport) { + PagingMode = Page1GSupport ? Paging5Level1GB : Paging5Level; + } else { + PagingMode = Page1GSupport ? Paging4Level1GB : Paging4Level; + } + + // + // Get Maximum Physical Address Bits + // Get the number of address lines; Maximum Physical Address is 2^PhysicalAddressBits - 1. + // If CPUID does not supported, then use a max value of 36 as per SDM 3A, 4.1.4. + // + AsmCpuid (CPUID_EXTENDED_FUNCTION, &MaxExtendedFunctionId, NULL, NULL, NULL); + if (MaxExtendedFunctionId >= CPUID_VIR_PHY_ADDRESS_SIZE) { + AsmCpuid (CPUID_VIR_PHY_ADDRESS_SIZE, &VirPhyAddressSize.Uint32, NULL, NULL, NULL); + } else { + VirPhyAddressSize.Bits.PhysicalAddressBits = 36; + } + + if ((PagingMode == Paging4Level1GB) || (PagingMode == Paging4Level)) { + // + // The max lineaddress bits is 48 for 4 level page table. + // + VirPhyAddressSize.Bits.PhysicalAddressBits = MIN (VirPhyAddressSize.Bits.PhysicalAddressBits, 48); + } + + // + // Get required buffer size for the pagetable that will be created. + // + Status = PageTableMap (&PageTable, PagingMode, 0, &BufferSize, 0, LShiftU64 (1, VirPhyAddressSize.Bits.PhysicalAddressBits), &MapAttribute, &MapMask, NULL); + ASSERT (Status == EFI_BUFFER_TOO_SMALL); + if (Status != EFI_BUFFER_TOO_SMALL) { + return Status; + } + + // + // Allocate required Buffer. + // + Status = PeiServicesAllocatePages ( + EfiBootServicesData, + EFI_SIZE_TO_PAGES (BufferSize), + &Buffer + ); + if (EFI_ERROR (Status)) { + return EFI_OUT_OF_RESOURCES; + } + + // + // Create PageTable in permanent memory. + // + Status = PageTableMap (&PageTable, PagingMode, (VOID *)(UINTN)Buffer, &BufferSize, 0, LShiftU64 (1, VirPhyAddressSize.Bits.PhysicalAddressBits), &MapAttribute, &MapMask, NULL); + ASSERT_EFI_ERROR (Status); + if (EFI_ERROR (Status) || (PageTable == 0)) { + return EFI_OUT_OF_RESOURCES; + } + + // + // Write the Pagetable to CR3. + // + AsmWriteCr3 (PageTable); + + DEBUG (( + DEBUG_INFO, + "MigratePageTable: Created PageTable = 0x%lx, BufferSize = %x, PagingMode = 0x%lx, Support Max Physical Address Bits = %d\n", + PageTable, + BufferSize, + (UINTN)PagingMode, + VirPhyAddressSize.Bits.PhysicalAddressBits + )); + + return Status; +} + // // These are IDT entries pointing to 10:FFFFFFE4h. // UINT64 mIdtEntryTemplate = 0xffff8e000010ffe4ULL; @@ -XXX,XX +XXX,XX @@ SecTemporaryRamDone ( EFI_STATUS Status2; UINTN Index; BOOLEAN State; EFI_PEI_PPI_DESCRIPTOR *PeiPpiDescriptor; REPUBLISH_SEC_PPI_PPI *RepublishSecPpiPpi; + IA32_CR0 Cr0; // // Republish Sec Platform Information(2) PPI // RepublishSecPlatformInformationPpi (); @@ -XXX,XX +XXX,XX @@ SecTemporaryRamDone ( if (PcdGetBool (PcdMigrateTemporaryRamFirmwareVolumes)) { Status = MigrateGdt (); ASSERT_EFI_ERROR (Status); } + // + // Migrate page table to permanent memory mapping entire physical address space if CR0.PG is set. + // + Cr0.UintN = AsmReadCr0 (); + if (Cr0.Bits.PG != 0) { + // + // CR4.PAE must be enabled. + // + ASSERT ((AsmReadCr4 () & BIT5) != 0); + + // + // Assume CPU runs in 64bit mode if paging is enabled. + // + ASSERT (sizeof (UINTN) == sizeof (UINT64)); + + Status = MigratePageTable (); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_WARN, "SecTemporaryRamDone: Failed to migrate page table to permanent memory: %r.\n", Status)); + ASSERT_EFI_ERROR (Status); + } + } + // // Disable Temporary RAM after Stack and Heap have been migrated at this point. // SecPlatformDisableTemporaryMemory (); diff --git a/UefiCpuPkg/SecCore/SecMain.h b/UefiCpuPkg/SecCore/SecMain.h index XXXXXXX..XXXXXXX 100644 --- a/UefiCpuPkg/SecCore/SecMain.h +++ b/UefiCpuPkg/SecCore/SecMain.h @@ -XXX,XX +XXX,XX @@ #include <Ppi/PeiCoreFvLocation.h> #include <Ppi/RepublishSecPpi.h> #include <Guid/FirmwarePerformance.h> +#include <Library/BaseLib.h> #include <Library/DebugLib.h> #include <Library/PcdLib.h> #include <Library/BaseMemoryLib.h> #include <Library/PlatformSecLib.h> #include <Library/CpuLib.h> @@ -XXX,XX +XXX,XX @@ #include <Library/CpuExceptionHandlerLib.h> #include <Library/ReportStatusCodeLib.h> #include <Library/PeiServicesTablePointerLib.h> #include <Library/HobLib.h> #include <Library/PeiServicesLib.h> +#include <Library/CpuPageTableLib.h> +#include <Register/Intel/Cpuid.h> +#include <Register/Intel/Msr.h> #define SEC_IDT_ENTRY_COUNT 34 typedef struct _SEC_IDT_TABLE { // -- 2.16.2.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#104759): https://edk2.groups.io/g/devel/message/104759 Mute This Topic: https://groups.io/mt/98843220/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=-=-=-=-=-=-=-=-=-=-=-
Some security features depends on the page table enabling. So, This patch is to enable the page table if page table has not been enabled during the transition from Temporary RAM to Permanent RAM. Note: If page table is not enabled before this point, which means the system IA-32e Mode is not activated. Because on Intel 64 processors, IA-32e Mode operation requires physical address extensions with 4 or 5 levels of enhanced paging structures (see Section 4.5, "4 - Level Paging and 5 -Level Paging" and Section 9.8, "Initializing IA-32e Mode"). So, just enable PAE page table if CR0.PG is not set. Cc: Eric Dong <eric.dong@intel.com> Cc: Ray Ni <ray.ni@intel.com> Cc: Zeng Star <star.zeng@intel.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Cc: Rahul Kumar <rahul1.kumar@intel.com> Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com> --- UefiCpuPkg/CpuMpPei/CpuMpPei.h | 1 + UefiCpuPkg/CpuMpPei/CpuMpPei.inf | 1 + UefiCpuPkg/CpuMpPei/CpuPaging.c | 215 ++++++++++++++++----------------------- 3 files changed, 88 insertions(+), 129 deletions(-) diff --git a/UefiCpuPkg/CpuMpPei/CpuMpPei.h b/UefiCpuPkg/CpuMpPei/CpuMpPei.h index XXXXXXX..XXXXXXX 100644 --- a/UefiCpuPkg/CpuMpPei/CpuMpPei.h +++ b/UefiCpuPkg/CpuMpPei/CpuMpPei.h @@ -XXX,XX +XXX,XX @@ #include <Library/ReportStatusCodeLib.h> #include <Library/CpuExceptionHandlerLib.h> #include <Library/MpInitLib.h> #include <Library/BaseMemoryLib.h> #include <Library/MemoryAllocationLib.h> +#include <Library/CpuPageTableLib.h> extern EFI_PEI_PPI_DESCRIPTOR mPeiCpuMpPpiDesc; /** This service retrieves the number of logical processor in the platform diff --git a/UefiCpuPkg/CpuMpPei/CpuMpPei.inf b/UefiCpuPkg/CpuMpPei/CpuMpPei.inf index XXXXXXX..XXXXXXX 100644 --- a/UefiCpuPkg/CpuMpPei/CpuMpPei.inf +++ b/UefiCpuPkg/CpuMpPei/CpuMpPei.inf @@ -XXX,XX +XXX,XX @@ CpuExceptionHandlerLib MpInitLib BaseMemoryLib CpuLib MemoryAllocationLib + CpuPageTableLib [Guids] gEdkiiMigratedFvInfoGuid ## SOMETIMES_CONSUMES ## HOB [Ppis] diff --git a/UefiCpuPkg/CpuMpPei/CpuPaging.c b/UefiCpuPkg/CpuMpPei/CpuPaging.c index XXXXXXX..XXXXXXX 100644 --- a/UefiCpuPkg/CpuMpPei/CpuPaging.c +++ b/UefiCpuPkg/CpuMpPei/CpuPaging.c @@ -XXX,XX +XXX,XX @@ AllocatePageTableMemory ( } return Address; } -/** - Get the address width supported by current processor. - - @retval 32 If processor is in 32-bit mode. - @retval 36-48 If processor is in 64-bit mode. - -**/ -UINTN -GetPhysicalAddressWidth ( - VOID - ) -{ - UINT32 RegEax; - - if (sizeof (UINTN) == 4) { - return 32; - } - - AsmCpuid (CPUID_EXTENDED_FUNCTION, &RegEax, NULL, NULL, NULL); - if (RegEax >= CPUID_VIR_PHY_ADDRESS_SIZE) { - AsmCpuid (CPUID_VIR_PHY_ADDRESS_SIZE, &RegEax, NULL, NULL, NULL); - RegEax &= 0xFF; - if (RegEax > 48) { - return 48; - } - - return (UINTN)RegEax; - } - - return 36; -} - /** Get the type of top level page table. @retval Page512G PML4 paging. @retval Page1G PAE paging. @@ -XXX,XX +XXX,XX @@ ConvertMemoryPageAttributes ( return RETURN_SUCCESS; } /** - Get maximum size of page memory supported by current processor. - - @param[in] TopLevelType The type of top level page entry. + Enable PAE Page Table. - @retval Page1G If processor supports 1G page and PML4. - @retval Page2M For all other situations. + @retval EFI_SUCCESS The PAE Page Table was enabled successfully. + @retval EFI_OUT_OF_RESOURCES The PAE Page Table could not be enabled due to lack of available memory. **/ -PAGE_ATTRIBUTE -GetMaxMemoryPage ( - IN PAGE_ATTRIBUTE TopLevelType - ) -{ - UINT32 RegEax; - UINT32 RegEdx; - - if (TopLevelType == Page512G) { - AsmCpuid (CPUID_EXTENDED_FUNCTION, &RegEax, NULL, NULL, NULL); - if (RegEax >= CPUID_EXTENDED_CPU_SIG) { - AsmCpuid (CPUID_EXTENDED_CPU_SIG, NULL, NULL, NULL, &RegEdx); - if ((RegEdx & BIT26) != 0) { - return Page1G; - } - } - } - - return Page2M; -} - -/** - Create PML4 or PAE page table. - - @return The address of page table. - -**/ -UINTN -CreatePageTable ( +EFI_STATUS +EnablePaePageTable ( VOID ) { - RETURN_STATUS Status; - UINTN PhysicalAddressBits; - UINTN NumberOfEntries; - PAGE_ATTRIBUTE TopLevelPageAttr; - UINTN PageTable; - PAGE_ATTRIBUTE MaxMemoryPage; - UINTN Index; - UINT64 AddressEncMask; - UINT64 *PageEntry; - EFI_PHYSICAL_ADDRESS PhysicalAddress; - - TopLevelPageAttr = (PAGE_ATTRIBUTE)GetPageTableTopLevelType (); - PhysicalAddressBits = GetPhysicalAddressWidth (); - NumberOfEntries = (UINTN)1 << (PhysicalAddressBits - - mPageAttributeTable[TopLevelPageAttr].AddressBitOffset); + EFI_STATUS Status; + PAGING_MODE PagingMode; + + UINTN PageTable; + VOID *Buffer; + UINTN BufferSize; + IA32_MAP_ATTRIBUTE MapAttribute; + IA32_MAP_ATTRIBUTE MapMask; + + PagingMode = PagingPae; + PageTable = 0; + Buffer = NULL; + BufferSize = 0; + MapAttribute.Uint64 = 0; + MapMask.Uint64 = MAX_UINT64; + MapAttribute.Bits.Present = 1; + MapAttribute.Bits.ReadWrite = 1; - PageTable = (UINTN)AllocatePageTableMemory (1); - if (PageTable == 0) { - return 0; + // + // Get required buffer size for the pagetable that will be created. + // The Max size of LinearAddress for PAE is 2^32. + // + Status = PageTableMap (&PageTable, PagingMode, 0, &BufferSize, 0, SIZE_4GB, &MapAttribute, &MapMask, NULL); + ASSERT (Status == EFI_BUFFER_TOO_SMALL); + if (Status != EFI_BUFFER_TOO_SMALL) { + return Status; } - AddressEncMask = PcdGet64 (PcdPteMemoryEncryptionAddressOrMask); - AddressEncMask &= mPageAttributeTable[TopLevelPageAttr].AddressMask; - MaxMemoryPage = GetMaxMemoryPage (TopLevelPageAttr); - PageEntry = (UINT64 *)PageTable; - - PhysicalAddress = 0; - for (Index = 0; Index < NumberOfEntries; ++Index) { - *PageEntry = PhysicalAddress | AddressEncMask | PAGE_ATTRIBUTE_BITS; + // + // Allocate required Buffer. + // + Buffer = AllocatePageTableMemory (EFI_SIZE_TO_PAGES (BufferSize)); + ASSERT (Buffer != NULL); + if (Buffer == NULL) { + return EFI_OUT_OF_RESOURCES; + } - // - // Split the top page table down to the maximum page size supported - // - if (MaxMemoryPage < TopLevelPageAttr) { - Status = SplitPage (PageEntry, TopLevelPageAttr, MaxMemoryPage, TRUE); - ASSERT_EFI_ERROR (Status); - } + // + // Create PageTable in permanent memory. + // The Max size of LinearAddress for PAE is 2^32. + // + Status = PageTableMap (&PageTable, PagingMode, Buffer, &BufferSize, 0, LShiftU64 (1, 32), &MapAttribute, &MapMask, NULL); + ASSERT_EFI_ERROR (Status); + if (EFI_ERROR (Status) || (PageTable == 0)) { + return EFI_OUT_OF_RESOURCES; + } - if (TopLevelPageAttr == Page1G) { - // - // PDPTE[2:1] (PAE Paging) must be 0. SplitPage() might change them to 1. - // - *PageEntry &= ~(UINT64)(IA32_PG_RW | IA32_PG_U); - } + // + // Write the Pagetable to CR3. + // + AsmWriteCr3 (PageTable); - PageEntry += 1; - PhysicalAddress += mPageAttributeTable[TopLevelPageAttr].Length; - } + // + // Enable CR4.PAE + // + AsmWriteCr4 (AsmReadCr4 () | BIT5); - return PageTable; -} + // + // Enable CR0.PG + // + AsmWriteCr0 (AsmReadCr0 () | BIT31); -/** - Setup page tables and make them work. + DEBUG (( + DEBUG_INFO, + "EnablePaePageTable: Created PageTable = 0x%x, BufferSize = %x\n", + PageTable, + BufferSize + )); -**/ -VOID -EnablePaging ( - VOID - ) -{ - UINTN PageTable; - - PageTable = CreatePageTable (); - ASSERT (PageTable != 0); - if (PageTable != 0) { - AsmWriteCr3 (PageTable); - AsmWriteCr4 (AsmReadCr4 () | BIT5); // CR4.PAE - AsmWriteCr0 (AsmReadCr0 () | BIT31); // CR0.PG - } + return Status; } /** Get the base address of current AP's stack. @@ -XXX,XX +XXX,XX @@ MemoryDiscoveredPpiNotifyCallback ( { EFI_STATUS Status; BOOLEAN InitStackGuard; EDKII_MIGRATED_FV_INFO *MigratedFvInfo; EFI_PEI_HOB_POINTERS Hob; + IA32_CR0 Cr0; // // Paging must be setup first. Otherwise the exception TSS setup during MP // initialization later will not contain paging information and then fail // the task switch (for the sake of stack switch). @@ -XXX,XX +XXX,XX @@ MemoryDiscoveredPpiNotifyCallback ( if (IsIa32PaeSupported ()) { Hob.Raw = GetFirstGuidHob (&gEdkiiMigratedFvInfoGuid); InitStackGuard = PcdGetBool (PcdCpuStackGuard); } - if (InitStackGuard || (Hob.Raw != NULL)) { - EnablePaging (); + // + // Some security features depends on the page table enabling. So, here + // is to enable the page table if page table has not been enabled yet. + // If page table is not enabled before this point, which means the system + // IA-32e Mode is not activated. Because on Intel 64 processors, IA-32e Mode + // operation requires physical address extensions with 4 or 5 levels of + // enhanced paging structures (see Section 4.5, "4 - Level Paging and 5 - + // Level Paging" and Section 9.8, "Initializing IA-32e Mode"). So, just + // enable PAE page table if CR0.PG is not set. + // + Cr0.UintN = AsmReadCr0 (); + if ((Cr0.Bits.PG == 0) && (InitStackGuard || (Hob.Raw != NULL))) { + ASSERT (sizeof (UINTN) == sizeof (UINT32)); + + Status = EnablePaePageTable (); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_WARN, "MemoryDiscoveredPpiNotifyCallback: Failed to enable PAE page table: %r.\n", Status)); + ASSERT_EFI_ERROR (Status); + } } Status = InitializeCpuMpWorker ((CONST EFI_PEI_SERVICES **)PeiServices); ASSERT_EFI_ERROR (Status); -- 2.16.2.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#104760): https://edk2.groups.io/g/devel/message/104760 Mute This Topic: https://groups.io/mt/98843221/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=-=-=-=-=-=-=-=-=-=-=-
System paging 5 level enabled or not can be checked via CR4.LA57, system preferred Page table Level (PcdUse5LevelPageTable) must align with previous level for 64bit long mode. This patch is to do the wise check: If cpu has already runned in 64bit long mode PEI, Page table Level in DXE must align with previous level. If cpu runs in 32bit protected mode PEI, Page table Level in DXE is decided by PCD and feature capability. Cc: Dandan Bi <dandan.bi@intel.com> Cc: Liming Gao <gaoliming@byosoft.com.cn> Cc: Eric Dong <eric.dong@intel.com> Cc: Ray Ni <ray.ni@intel.com> Cc: Zeng Star <star.zeng@intel.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Cc: Rahul Kumar <rahul1.kumar@intel.com> Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com> --- MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c | 39 ++++++++++++++++-------- 1 file changed, 27 insertions(+), 12 deletions(-) diff --git a/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c b/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c index XXXXXXX..XXXXXXX 100644 --- a/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c +++ b/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c @@ -XXX,XX +XXX,XX @@ CreateIdentityMappingPageTables ( } else { PhysicalAddressBits = 36; } } - Page5LevelSupport = FALSE; - if (PcdGetBool (PcdUse5LevelPageTable)) { - AsmCpuidEx ( - CPUID_STRUCTURED_EXTENDED_FEATURE_FLAGS, - CPUID_STRUCTURED_EXTENDED_FEATURE_FLAGS_SUB_LEAF_INFO, - NULL, - NULL, - &EcxFlags.Uint32, - NULL - ); - if (EcxFlags.Bits.FiveLevelPage != 0) { - Page5LevelSupport = TRUE; + // + // Check cpu runs in 64bit long mode or 32bit protected mode. + // + if (sizeof (UINTN) == sizeof (UINT64)) { + // + // If cpu has already runned in 64bit long mode PEI, Page table Level in DXE must align with previous level. + // + Cr4.UintN = AsmReadCr4 (); + Page5LevelSupport = Cr4.Bits.LA57 ? TRUE : FALSE; + ASSERT (PcdGetBool (PcdUse5LevelPageTable) == Page5LevelSupport); + } else { + // + // If cpu runs in 32bit protected mode PEI, Page table Level in DXE is decided by PCD and feature capability. + // + Page5LevelSupport = FALSE; + if (PcdGetBool (PcdUse5LevelPageTable)) { + AsmCpuidEx ( + CPUID_STRUCTURED_EXTENDED_FEATURE_FLAGS, + CPUID_STRUCTURED_EXTENDED_FEATURE_FLAGS_SUB_LEAF_INFO, + NULL, + NULL, + &EcxFlags.Uint32, + NULL + ); + if (EcxFlags.Bits.FiveLevelPage != 0) { + Page5LevelSupport = TRUE; + } } } DEBUG ((DEBUG_INFO, "AddressBits=%u 5LevelPaging=%u 1GPage=%u\n", PhysicalAddressBits, Page5LevelSupport, Page1GSupport)); -- 2.16.2.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#104761): https://edk2.groups.io/g/devel/message/104761 Mute This Topic: https://groups.io/mt/98843222/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=-=-=-=-=-=-=-=-=-=-=-
Add CpuPageTableLib required by SecCore & CpuMpPei in OvmfPkg. Cc: Ard Biesheuvel <ardb+tianocore@kernel.org> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Cc: Ray Ni <ray.ni@intel.com> Cc: Zeng Star <star.zeng@intel.com> Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com> --- OvmfPkg/AmdSev/AmdSevX64.dsc | 2 +- OvmfPkg/CloudHv/CloudHvX64.dsc | 2 +- OvmfPkg/IntelTdx/IntelTdxX64.dsc | 3 +-- OvmfPkg/Microvm/MicrovmX64.dsc | 2 +- OvmfPkg/OvmfPkgIa32.dsc | 1 + OvmfPkg/OvmfPkgIa32X64.dsc | 2 +- OvmfPkg/OvmfPkgX64.dsc | 3 +-- OvmfPkg/OvmfXen.dsc | 2 +- 8 files changed, 8 insertions(+), 9 deletions(-) diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc index XXXXXXX..XXXXXXX 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.dsc +++ b/OvmfPkg/AmdSev/AmdSevX64.dsc @@ -XXX,XX +XXX,XX @@ IoLib|MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicSev.inf OemHookStatusCodeLib|MdeModulePkg/Library/OemHookStatusCodeLibNull/OemHookStatusCodeLibNull.inf SerialPortLib|PcAtChipsetPkg/Library/SerialIoLib/SerialIoLib.inf MtrrLib|UefiCpuPkg/Library/MtrrLib/MtrrLib.inf MicrocodeLib|UefiCpuPkg/Library/MicrocodeLib/MicrocodeLib.inf + CpuPageTableLib|UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableLib.inf UefiLib|MdePkg/Library/UefiLib/UefiLib.inf UefiBootServicesTableLib|MdePkg/Library/UefiBootServicesTableLib/UefiBootServicesTableLib.inf UefiRuntimeServicesTableLib|MdePkg/Library/UefiRuntimeServicesTableLib/UefiRuntimeServicesTableLib.inf UefiDriverEntryPoint|MdePkg/Library/UefiDriverEntryPoint/UefiDriverEntryPoint.inf UefiApplicationEntryPoint|MdePkg/Library/UefiApplicationEntryPoint/UefiApplicationEntryPoint.inf @@ -XXX,XX +XXX,XX @@ LockBoxLib|OvmfPkg/Library/LockBoxLib/LockBoxDxeLib.inf !if $(SOURCE_DEBUG_ENABLE) == TRUE DebugAgentLib|SourceLevelDebugPkg/Library/DebugAgent/DxeDebugAgentLib.inf !endif PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf - CpuPageTableLib|UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableLib.inf MpInitLib|UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf NestedInterruptTplLib|OvmfPkg/Library/NestedInterruptTplLib/NestedInterruptTplLib.inf QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf QemuLoadImageLib|OvmfPkg/Library/GenericQemuLoadImageLib/GenericQemuLoadImageLib.inf diff --git a/OvmfPkg/CloudHv/CloudHvX64.dsc b/OvmfPkg/CloudHv/CloudHvX64.dsc index XXXXXXX..XXXXXXX 100644 --- a/OvmfPkg/CloudHv/CloudHvX64.dsc +++ b/OvmfPkg/CloudHv/CloudHvX64.dsc @@ -XXX,XX +XXX,XX @@ IoLib|MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicSev.inf OemHookStatusCodeLib|MdeModulePkg/Library/OemHookStatusCodeLibNull/OemHookStatusCodeLibNull.inf SerialPortLib|PcAtChipsetPkg/Library/SerialIoLib/SerialIoLib.inf MtrrLib|UefiCpuPkg/Library/MtrrLib/MtrrLib.inf MicrocodeLib|UefiCpuPkg/Library/MicrocodeLib/MicrocodeLib.inf + CpuPageTableLib|UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableLib.inf UefiLib|MdePkg/Library/UefiLib/UefiLib.inf UefiBootServicesTableLib|MdePkg/Library/UefiBootServicesTableLib/UefiBootServicesTableLib.inf UefiRuntimeServicesTableLib|MdePkg/Library/UefiRuntimeServicesTableLib/UefiRuntimeServicesTableLib.inf UefiDriverEntryPoint|MdePkg/Library/UefiDriverEntryPoint/UefiDriverEntryPoint.inf UefiApplicationEntryPoint|MdePkg/Library/UefiApplicationEntryPoint/UefiApplicationEntryPoint.inf @@ -XXX,XX +XXX,XX @@ !endif !if $(SOURCE_DEBUG_ENABLE) == TRUE DebugAgentLib|SourceLevelDebugPkg/Library/DebugAgent/DxeDebugAgentLib.inf !endif PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf - CpuPageTableLib|UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableLib.inf MpInitLib|UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf NestedInterruptTplLib|OvmfPkg/Library/NestedInterruptTplLib/NestedInterruptTplLib.inf QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf QemuLoadImageLib|OvmfPkg/Library/X86QemuLoadImageLib/X86QemuLoadImageLib.inf diff --git a/OvmfPkg/IntelTdx/IntelTdxX64.dsc b/OvmfPkg/IntelTdx/IntelTdxX64.dsc index XXXXXXX..XXXXXXX 100644 --- a/OvmfPkg/IntelTdx/IntelTdxX64.dsc +++ b/OvmfPkg/IntelTdx/IntelTdxX64.dsc @@ -XXX,XX +XXX,XX @@ IoLib|MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicSev.inf OemHookStatusCodeLib|MdeModulePkg/Library/OemHookStatusCodeLibNull/OemHookStatusCodeLibNull.inf SerialPortLib|PcAtChipsetPkg/Library/SerialIoLib/SerialIoLib.inf MtrrLib|UefiCpuPkg/Library/MtrrLib/MtrrLib.inf MicrocodeLib|UefiCpuPkg/Library/MicrocodeLib/MicrocodeLib.inf + CpuPageTableLib|UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableLib.inf UefiLib|MdePkg/Library/UefiLib/UefiLib.inf UefiBootServicesTableLib|MdePkg/Library/UefiBootServicesTableLib/UefiBootServicesTableLib.inf UefiRuntimeServicesTableLib|MdePkg/Library/UefiRuntimeServicesTableLib/UefiRuntimeServicesTableLib.inf UefiDriverEntryPoint|MdePkg/Library/UefiDriverEntryPoint/UefiDriverEntryPoint.inf UefiApplicationEntryPoint|MdePkg/Library/UefiApplicationEntryPoint/UefiApplicationEntryPoint.inf @@ -XXX,XX +XXX,XX @@ PlatformBmPrintScLib|OvmfPkg/Library/PlatformBmPrintScLib/PlatformBmPrintScLib.inf QemuBootOrderLib|OvmfPkg/Library/QemuBootOrderLib/QemuBootOrderLib.inf CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/DxeCpuExceptionHandlerLib.inf LockBoxLib|OvmfPkg/Library/LockBoxLib/LockBoxDxeLib.inf PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf - CpuPageTableLib|UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableLib.inf MpInitLib|UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf NestedInterruptTplLib|OvmfPkg/Library/NestedInterruptTplLib/NestedInterruptTplLib.inf QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf QemuLoadImageLib|OvmfPkg/Library/X86QemuLoadImageLib/X86QemuLoadImageLib.inf @@ -XXX,XX +XXX,XX @@ <LibraryClasses> # # Directly use DxeMpInitLib. It depends on DxeMpInitLibMpDepLib which # checks the Protocol of gEfiMpInitLibMpDepProtocolGuid. # - CpuPageTableLib|UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableLib.inf MpInitLib|UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf NULL|OvmfPkg/Library/MpInitLibDepLib/DxeMpInitLibMpDepLib.inf } UefiCpuPkg/CpuDxe/CpuDxe.inf { diff --git a/OvmfPkg/Microvm/MicrovmX64.dsc b/OvmfPkg/Microvm/MicrovmX64.dsc index XXXXXXX..XXXXXXX 100644 --- a/OvmfPkg/Microvm/MicrovmX64.dsc +++ b/OvmfPkg/Microvm/MicrovmX64.dsc @@ -XXX,XX +XXX,XX @@ IoLib|MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicSev.inf OemHookStatusCodeLib|MdeModulePkg/Library/OemHookStatusCodeLibNull/OemHookStatusCodeLibNull.inf SerialPortLib|PcAtChipsetPkg/Library/SerialIoLib/SerialIoLib.inf MtrrLib|UefiCpuPkg/Library/MtrrLib/MtrrLib.inf MicrocodeLib|UefiCpuPkg/Library/MicrocodeLib/MicrocodeLib.inf + CpuPageTableLib|UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableLib.inf UefiLib|MdePkg/Library/UefiLib/UefiLib.inf UefiBootServicesTableLib|MdePkg/Library/UefiBootServicesTableLib/UefiBootServicesTableLib.inf UefiRuntimeServicesTableLib|MdePkg/Library/UefiRuntimeServicesTableLib/UefiRuntimeServicesTableLib.inf UefiDriverEntryPoint|MdePkg/Library/UefiDriverEntryPoint/UefiDriverEntryPoint.inf UefiApplicationEntryPoint|MdePkg/Library/UefiApplicationEntryPoint/UefiApplicationEntryPoint.inf @@ -XXX,XX +XXX,XX @@ DebugAgentLib|SourceLevelDebugPkg/Library/DebugAgent/DxeDebugAgentLib.inf !endif PciLib|MdePkg/Library/BasePciLibPciExpress/BasePciLibPciExpress.inf PciPcdProducerLib|OvmfPkg/Fdt/FdtPciPcdProducerLib/FdtPciPcdProducerLib.inf PciExpressLib|OvmfPkg/Library/BaseCachingPciExpressLib/BaseCachingPciExpressLib.inf - CpuPageTableLib|UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableLib.inf MpInitLib|UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf NestedInterruptTplLib|OvmfPkg/Library/NestedInterruptTplLib/NestedInterruptTplLib.inf QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf QemuLoadImageLib|OvmfPkg/Library/X86QemuLoadImageLib/X86QemuLoadImageLib.inf diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc index XXXXXXX..XXXXXXX 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc @@ -XXX,XX +XXX,XX @@ IoLib|MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicSev.inf OemHookStatusCodeLib|MdeModulePkg/Library/OemHookStatusCodeLibNull/OemHookStatusCodeLibNull.inf SerialPortLib|PcAtChipsetPkg/Library/SerialIoLib/SerialIoLib.inf MtrrLib|UefiCpuPkg/Library/MtrrLib/MtrrLib.inf MicrocodeLib|UefiCpuPkg/Library/MicrocodeLib/MicrocodeLib.inf + CpuPageTableLib|UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableLib.inf UefiLib|MdePkg/Library/UefiLib/UefiLib.inf UefiBootServicesTableLib|MdePkg/Library/UefiBootServicesTableLib/UefiBootServicesTableLib.inf UefiRuntimeServicesTableLib|MdePkg/Library/UefiRuntimeServicesTableLib/UefiRuntimeServicesTableLib.inf UefiDriverEntryPoint|MdePkg/Library/UefiDriverEntryPoint/UefiDriverEntryPoint.inf UefiApplicationEntryPoint|MdePkg/Library/UefiApplicationEntryPoint/UefiApplicationEntryPoint.inf diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc index XXXXXXX..XXXXXXX 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc @@ -XXX,XX +XXX,XX @@ IoLib|MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicSev.inf OemHookStatusCodeLib|MdeModulePkg/Library/OemHookStatusCodeLibNull/OemHookStatusCodeLibNull.inf SerialPortLib|PcAtChipsetPkg/Library/SerialIoLib/SerialIoLib.inf MtrrLib|UefiCpuPkg/Library/MtrrLib/MtrrLib.inf MicrocodeLib|UefiCpuPkg/Library/MicrocodeLib/MicrocodeLib.inf + CpuPageTableLib|UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableLib.inf UefiLib|MdePkg/Library/UefiLib/UefiLib.inf UefiBootServicesTableLib|MdePkg/Library/UefiBootServicesTableLib/UefiBootServicesTableLib.inf UefiRuntimeServicesTableLib|MdePkg/Library/UefiRuntimeServicesTableLib/UefiRuntimeServicesTableLib.inf UefiDriverEntryPoint|MdePkg/Library/UefiDriverEntryPoint/UefiDriverEntryPoint.inf UefiApplicationEntryPoint|MdePkg/Library/UefiApplicationEntryPoint/UefiApplicationEntryPoint.inf @@ -XXX,XX +XXX,XX @@ !endif !if $(SOURCE_DEBUG_ENABLE) == TRUE DebugAgentLib|SourceLevelDebugPkg/Library/DebugAgent/DxeDebugAgentLib.inf !endif PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf - CpuPageTableLib|UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableLib.inf MpInitLib|UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf NestedInterruptTplLib|OvmfPkg/Library/NestedInterruptTplLib/NestedInterruptTplLib.inf QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf QemuLoadImageLib|OvmfPkg/Library/X86QemuLoadImageLib/X86QemuLoadImageLib.inf diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc index XXXXXXX..XXXXXXX 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc @@ -XXX,XX +XXX,XX @@ IoLib|MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicSev.inf OemHookStatusCodeLib|MdeModulePkg/Library/OemHookStatusCodeLibNull/OemHookStatusCodeLibNull.inf SerialPortLib|PcAtChipsetPkg/Library/SerialIoLib/SerialIoLib.inf MtrrLib|UefiCpuPkg/Library/MtrrLib/MtrrLib.inf MicrocodeLib|UefiCpuPkg/Library/MicrocodeLib/MicrocodeLib.inf + CpuPageTableLib|UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableLib.inf UefiLib|MdePkg/Library/UefiLib/UefiLib.inf UefiBootServicesTableLib|MdePkg/Library/UefiBootServicesTableLib/UefiBootServicesTableLib.inf UefiRuntimeServicesTableLib|MdePkg/Library/UefiRuntimeServicesTableLib/UefiRuntimeServicesTableLib.inf UefiDriverEntryPoint|MdePkg/Library/UefiDriverEntryPoint/UefiDriverEntryPoint.inf UefiApplicationEntryPoint|MdePkg/Library/UefiApplicationEntryPoint/UefiApplicationEntryPoint.inf @@ -XXX,XX +XXX,XX @@ !endif !if $(SOURCE_DEBUG_ENABLE) == TRUE DebugAgentLib|SourceLevelDebugPkg/Library/DebugAgent/DxeDebugAgentLib.inf !endif PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf - CpuPageTableLib|UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableLib.inf MpInitLib|UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf NestedInterruptTplLib|OvmfPkg/Library/NestedInterruptTplLib/NestedInterruptTplLib.inf QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf QemuLoadImageLib|OvmfPkg/Library/X86QemuLoadImageLib/X86QemuLoadImageLib.inf @@ -XXX,XX +XXX,XX @@ <LibraryClasses> # # Directly use DxeMpInitLib. It depends on DxeMpInitLibMpDepLib which # checks the Protocol of gEfiMpInitLibMpDepProtocolGuid. # - CpuPageTableLib|UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableLib.inf MpInitLib|UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf NULL|OvmfPkg/Library/MpInitLibDepLib/DxeMpInitLibMpDepLib.inf } UefiCpuPkg/CpuDxe/CpuDxe.inf { diff --git a/OvmfPkg/OvmfXen.dsc b/OvmfPkg/OvmfXen.dsc index XXXXXXX..XXXXXXX 100644 --- a/OvmfPkg/OvmfXen.dsc +++ b/OvmfPkg/OvmfXen.dsc @@ -XXX,XX +XXX,XX @@ IoLib|MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicSev.inf OemHookStatusCodeLib|MdeModulePkg/Library/OemHookStatusCodeLibNull/OemHookStatusCodeLibNull.inf SerialPortLib|PcAtChipsetPkg/Library/SerialIoLib/SerialIoLib.inf MtrrLib|UefiCpuPkg/Library/MtrrLib/MtrrLib.inf MicrocodeLib|UefiCpuPkg/Library/MicrocodeLib/MicrocodeLib.inf + CpuPageTableLib|UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableLib.inf UefiLib|MdePkg/Library/UefiLib/UefiLib.inf UefiBootServicesTableLib|MdePkg/Library/UefiBootServicesTableLib/UefiBootServicesTableLib.inf UefiRuntimeServicesTableLib|MdePkg/Library/UefiRuntimeServicesTableLib/UefiRuntimeServicesTableLib.inf UefiDriverEntryPoint|MdePkg/Library/UefiDriverEntryPoint/UefiDriverEntryPoint.inf UefiApplicationEntryPoint|MdePkg/Library/UefiApplicationEntryPoint/UefiApplicationEntryPoint.inf @@ -XXX,XX +XXX,XX @@ LockBoxLib|OvmfPkg/Library/LockBoxLib/LockBoxDxeLib.inf !if $(SOURCE_DEBUG_ENABLE) == TRUE DebugAgentLib|SourceLevelDebugPkg/Library/DebugAgent/DxeDebugAgentLib.inf !endif PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf - CpuPageTableLib|UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableLib.inf MpInitLib|UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf NestedInterruptTplLib|OvmfPkg/Library/NestedInterruptTplLib/NestedInterruptTplLib.inf QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf [LibraryClasses.common.UEFI_APPLICATION] -- 2.16.2.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#104762): https://edk2.groups.io/g/devel/message/104762 Mute This Topic: https://groups.io/mt/98843223/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=-=-=-=-=-=-=-=-=-=-=-
Add CpuPageTableLib required by SecCore & CpuMpPei in UefiPayloadPkg. Cc: Guo Dong <guo.dong@intel.com> Cc: Sean Rhodes <sean@starlabs.systems> Cc: James Lu <james.lu@intel.com> Cc: Gua Guo <gua.guo@intel.com> Cc: Ray Ni <ray.ni@intel.com> Cc: Zeng Star <star.zeng@intel.com> Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com> --- UefiPayloadPkg/UefiPayloadPkg.dsc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/UefiPayloadPkg/UefiPayloadPkg.dsc b/UefiPayloadPkg/UefiPayloadPkg.dsc index XXXXXXX..XXXXXXX 100644 --- a/UefiPayloadPkg/UefiPayloadPkg.dsc +++ b/UefiPayloadPkg/UefiPayloadPkg.dsc @@ -XXX,XX +XXX,XX @@ # CPU # MtrrLib|UefiCpuPkg/Library/MtrrLib/MtrrLib.inf LocalApicLib|UefiCpuPkg/Library/BaseXApicX2ApicLib/BaseXApicX2ApicLib.inf MicrocodeLib|UefiCpuPkg/Library/MicrocodeLib/MicrocodeLib.inf + CpuPageTableLib|UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableLib.inf # # Platform # !if $(CPU_TIMER_LIB_ENABLE) == TRUE && $(UNIVERSAL_PAYLOAD) == TRUE @@ -XXX,XX +XXX,XX @@ ReportStatusCodeLib|MdeModulePkg/Library/DxeReportStatusCodeLib/DxeReportStatusCodeLib.inf !if $(SOURCE_DEBUG_ENABLE) DebugAgentLib|SourceLevelDebugPkg/Library/DebugAgent/DxeDebugAgentLib.inf !endif CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/DxeCpuExceptionHandlerLib.inf - CpuPageTableLib|UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableLib.inf MpInitLib|UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf !if $(PERFORMANCE_MEASUREMENT_ENABLE) PerformanceLib|MdeModulePkg/Library/DxePerformanceLib/DxePerformanceLib.inf !endif -- 2.16.2.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#104763): https://edk2.groups.io/g/devel/message/104763 Mute This Topic: https://groups.io/mt/98843224/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=-=-=-=-=-=-=-=-=-=-=-
For arch X64, system will enable the page table in SPI to cover 0-512G range via CR4.PAE & MSR.LME & CR0.PG & CR3 setting. Existing code doesn't cover the higher address access above 512G before memory-discovered callback. This series patches provide the solution to enable paging from temporary RAM Done. Jiaxin Wu (5): UefiCpuPkg/SecCore: Migrate page table to permanent memory UefiCpuPkg/CpuMpPei: Conditionally enable PAE paging in 32bit mode MdeModulePkg/DxeIpl: Align Page table Level setting with previous level. OvmfPkg: Add CpuPageTableLib required by SecCore & CpuMpPei UefiPayloadPkg: Add CpuPageTableLib required by SecCore & CpuMpPei MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c | 36 ++-- OvmfPkg/AmdSev/AmdSevX64.dsc | 2 +- OvmfPkg/CloudHv/CloudHvX64.dsc | 2 +- OvmfPkg/IntelTdx/IntelTdxX64.dsc | 3 +- OvmfPkg/Microvm/MicrovmX64.dsc | 2 +- OvmfPkg/OvmfPkgIa32.dsc | 1 + OvmfPkg/OvmfPkgIa32X64.dsc | 2 +- OvmfPkg/OvmfPkgX64.dsc | 3 +- OvmfPkg/OvmfXen.dsc | 2 +- UefiCpuPkg/CpuMpPei/CpuMpPei.h | 1 + UefiCpuPkg/CpuMpPei/CpuMpPei.inf | 1 + UefiCpuPkg/CpuMpPei/CpuPaging.c | 202 ++++++++--------------- UefiCpuPkg/SecCore/SecCore.inf | 1 + UefiCpuPkg/SecCore/SecCoreNative.inf | 1 + UefiCpuPkg/SecCore/SecMain.c | 147 +++++++++++++++++ UefiCpuPkg/SecCore/SecMain.h | 4 + UefiPayloadPkg/UefiPayloadPkg.dsc | 2 +- 17 files changed, 261 insertions(+), 151 deletions(-) -- 2.16.2.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#104839): https://edk2.groups.io/g/devel/message/104839 Mute This Topic: https://groups.io/mt/98895180/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=-=-=-=-=-=-=-=-=-=-=-
Background: For arch X64, system will enable the page table in SPI to cover 0-512G range via CR4.PAE & MSR.LME & CR0.PG & CR3 setting (see ResetVector code). Existing code doesn't cover the higher address access above 512G before memory-discovered callback. That will be potential problem if system access the higher address after the transition from temporary RAM to permanent MEM RAM. Solution: This patch is to migrate page table to permanent memory to map entire physical address space if CR0.PG is set during temporary RAM Done. Cc: Eric Dong <eric.dong@intel.com> Cc: Ray Ni <ray.ni@intel.com> Cc: Zeng Star <star.zeng@intel.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Cc: Rahul Kumar <rahul1.kumar@intel.com> Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com> --- UefiCpuPkg/SecCore/SecCore.inf | 1 + UefiCpuPkg/SecCore/SecCoreNative.inf | 1 + UefiCpuPkg/SecCore/SecMain.c | 147 +++++++++++++++++++++++++++++++++++ UefiCpuPkg/SecCore/SecMain.h | 4 + 4 files changed, 153 insertions(+) diff --git a/UefiCpuPkg/SecCore/SecCore.inf b/UefiCpuPkg/SecCore/SecCore.inf index XXXXXXX..XXXXXXX 100644 --- a/UefiCpuPkg/SecCore/SecCore.inf +++ b/UefiCpuPkg/SecCore/SecCore.inf @@ -XXX,XX +XXX,XX @@ CpuExceptionHandlerLib ReportStatusCodeLib PeiServicesLib PeiServicesTablePointerLib HobLib + CpuPageTableLib [Ppis] ## SOMETIMES_CONSUMES ## PRODUCES gEfiSecPlatformInformationPpiGuid diff --git a/UefiCpuPkg/SecCore/SecCoreNative.inf b/UefiCpuPkg/SecCore/SecCoreNative.inf index XXXXXXX..XXXXXXX 100644 --- a/UefiCpuPkg/SecCore/SecCoreNative.inf +++ b/UefiCpuPkg/SecCore/SecCoreNative.inf @@ -XXX,XX +XXX,XX @@ CpuExceptionHandlerLib ReportStatusCodeLib PeiServicesLib PeiServicesTablePointerLib HobLib + CpuPageTableLib [Ppis] ## SOMETIMES_CONSUMES ## PRODUCES gEfiSecPlatformInformationPpiGuid diff --git a/UefiCpuPkg/SecCore/SecMain.c b/UefiCpuPkg/SecCore/SecMain.c index XXXXXXX..XXXXXXX 100644 --- a/UefiCpuPkg/SecCore/SecMain.c +++ b/UefiCpuPkg/SecCore/SecMain.c @@ -XXX,XX +XXX,XX @@ MigrateGdt ( AsmWriteGdtr (&Gdtr); return EFI_SUCCESS; } +/** + Migrate page table to permanent memory mapping entire physical address space. + + @retval EFI_SUCCESS The PageTable was migrated successfully. + @retval EFI_UNSUPPORTED Unsupport to migrate page table to permanent memory if IA-32e Mode not actived. + @retval EFI_OUT_OF_RESOURCES The PageTable could not be migrated due to lack of available memory. + +**/ +EFI_STATUS +MigratePageTable ( + VOID + ) +{ + EFI_STATUS Status; + IA32_CR4 Cr4; + BOOLEAN Page5LevelSupport; + UINT32 RegEax; + CPUID_EXTENDED_CPU_SIG_EDX RegEdx; + BOOLEAN Page1GSupport; + PAGING_MODE PagingMode; + CPUID_VIR_PHY_ADDRESS_SIZE_EAX VirPhyAddressSize; + UINT32 MaxExtendedFunctionId; + UINTN PageTable; + EFI_PHYSICAL_ADDRESS Buffer; + UINTN BufferSize; + IA32_MAP_ATTRIBUTE MapAttribute; + IA32_MAP_ATTRIBUTE MapMask; + + VirPhyAddressSize.Uint32 = 0; + PageTable = 0; + BufferSize = 0; + MapAttribute.Uint64 = 0; + MapMask.Uint64 = MAX_UINT64; + MapAttribute.Bits.Present = 1; + MapAttribute.Bits.ReadWrite = 1; + + // + // Check Page5Level Support or not. + // + Cr4.UintN = AsmReadCr4 (); + Page5LevelSupport = (Cr4.Bits.LA57 ? TRUE : FALSE); + + // + // Check Page1G Support or not. + // + Page1GSupport = FALSE; + AsmCpuid (CPUID_EXTENDED_FUNCTION, &RegEax, NULL, NULL, NULL); + if (RegEax >= CPUID_EXTENDED_CPU_SIG) { + AsmCpuid (CPUID_EXTENDED_CPU_SIG, NULL, NULL, NULL, &RegEdx.Uint32); + if (RegEdx.Bits.Page1GB != 0) { + Page1GSupport = TRUE; + } + } + + // + // Decide Paging Mode according Page5LevelSupport & Page1GSupport. + // + if (Page5LevelSupport) { + PagingMode = Page1GSupport ? Paging5Level1GB : Paging5Level; + } else { + PagingMode = Page1GSupport ? Paging4Level1GB : Paging4Level; + } + + // + // Get Maximum Physical Address Bits + // Get the number of address lines; Maximum Physical Address is 2^PhysicalAddressBits - 1. + // If CPUID does not supported, then use a max value of 36 as per SDM 3A, 4.1.4. + // + AsmCpuid (CPUID_EXTENDED_FUNCTION, &MaxExtendedFunctionId, NULL, NULL, NULL); + if (MaxExtendedFunctionId >= CPUID_VIR_PHY_ADDRESS_SIZE) { + AsmCpuid (CPUID_VIR_PHY_ADDRESS_SIZE, &VirPhyAddressSize.Uint32, NULL, NULL, NULL); + } else { + VirPhyAddressSize.Bits.PhysicalAddressBits = 36; + } + + if ((PagingMode == Paging4Level1GB) || (PagingMode == Paging4Level)) { + // + // The max lineaddress bits is 48 for 4 level page table. + // + VirPhyAddressSize.Bits.PhysicalAddressBits = MIN (VirPhyAddressSize.Bits.PhysicalAddressBits, 48); + } + + // + // Get required buffer size for the pagetable that will be created. + // + Status = PageTableMap (&PageTable, PagingMode, 0, &BufferSize, 0, LShiftU64 (1, VirPhyAddressSize.Bits.PhysicalAddressBits), &MapAttribute, &MapMask, NULL); + ASSERT (Status == EFI_BUFFER_TOO_SMALL); + if (Status != EFI_BUFFER_TOO_SMALL) { + return Status; + } + + // + // Allocate required Buffer. + // + Status = PeiServicesAllocatePages ( + EfiBootServicesData, + EFI_SIZE_TO_PAGES (BufferSize), + &Buffer + ); + if (EFI_ERROR (Status)) { + return EFI_OUT_OF_RESOURCES; + } + + // + // Create PageTable in permanent memory. + // + Status = PageTableMap (&PageTable, PagingMode, (VOID *)(UINTN)Buffer, &BufferSize, 0, LShiftU64 (1, VirPhyAddressSize.Bits.PhysicalAddressBits), &MapAttribute, &MapMask, NULL); + ASSERT_EFI_ERROR (Status); + if (EFI_ERROR (Status) || (PageTable == 0)) { + return EFI_OUT_OF_RESOURCES; + } + + // + // Write the Pagetable to CR3. + // + AsmWriteCr3 (PageTable); + + DEBUG (( + DEBUG_INFO, + "MigratePageTable: Created PageTable = 0x%lx, BufferSize = %x, PagingMode = 0x%lx, Support Max Physical Address Bits = %d\n", + PageTable, + BufferSize, + (UINTN)PagingMode, + VirPhyAddressSize.Bits.PhysicalAddressBits + )); + + return Status; +} + // // These are IDT entries pointing to 10:FFFFFFE4h. // UINT64 mIdtEntryTemplate = 0xffff8e000010ffe4ULL; @@ -XXX,XX +XXX,XX @@ SecTemporaryRamDone ( EFI_STATUS Status2; UINTN Index; BOOLEAN State; EFI_PEI_PPI_DESCRIPTOR *PeiPpiDescriptor; REPUBLISH_SEC_PPI_PPI *RepublishSecPpiPpi; + IA32_CR0 Cr0; // // Republish Sec Platform Information(2) PPI // RepublishSecPlatformInformationPpi (); @@ -XXX,XX +XXX,XX @@ SecTemporaryRamDone ( if (PcdGetBool (PcdMigrateTemporaryRamFirmwareVolumes)) { Status = MigrateGdt (); ASSERT_EFI_ERROR (Status); } + // + // Migrate page table to permanent memory mapping entire physical address space if CR0.PG is set. + // + Cr0.UintN = AsmReadCr0 (); + if (Cr0.Bits.PG != 0) { + // + // Assume CPU runs in 64bit mode if paging is enabled. + // + ASSERT (sizeof (UINTN) == sizeof (UINT64)); + + Status = MigratePageTable (); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "SecTemporaryRamDone: Failed to migrate page table to permanent memory: %r.\n", Status)); + CpuDeadLoop (); + } + } + // // Disable Temporary RAM after Stack and Heap have been migrated at this point. // SecPlatformDisableTemporaryMemory (); diff --git a/UefiCpuPkg/SecCore/SecMain.h b/UefiCpuPkg/SecCore/SecMain.h index XXXXXXX..XXXXXXX 100644 --- a/UefiCpuPkg/SecCore/SecMain.h +++ b/UefiCpuPkg/SecCore/SecMain.h @@ -XXX,XX +XXX,XX @@ #include <Ppi/PeiCoreFvLocation.h> #include <Ppi/RepublishSecPpi.h> #include <Guid/FirmwarePerformance.h> +#include <Library/BaseLib.h> #include <Library/DebugLib.h> #include <Library/PcdLib.h> #include <Library/BaseMemoryLib.h> #include <Library/PlatformSecLib.h> #include <Library/CpuLib.h> @@ -XXX,XX +XXX,XX @@ #include <Library/CpuExceptionHandlerLib.h> #include <Library/ReportStatusCodeLib.h> #include <Library/PeiServicesTablePointerLib.h> #include <Library/HobLib.h> #include <Library/PeiServicesLib.h> +#include <Library/CpuPageTableLib.h> +#include <Register/Intel/Cpuid.h> +#include <Register/Intel/Msr.h> #define SEC_IDT_ENTRY_COUNT 34 typedef struct _SEC_IDT_TABLE { // -- 2.16.2.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#104840): https://edk2.groups.io/g/devel/message/104840 Mute This Topic: https://groups.io/mt/98895181/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=-=-=-=-=-=-=-=-=-=-=-
Some security features depend on the page table enabling. So, This patch is to enable paging if it is not enabled (32bit mode)" Cc: Eric Dong <eric.dong@intel.com> Cc: Ray Ni <ray.ni@intel.com> Cc: Zeng Star <star.zeng@intel.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Cc: Rahul Kumar <rahul1.kumar@intel.com> Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com> --- UefiCpuPkg/CpuMpPei/CpuMpPei.h | 1 + UefiCpuPkg/CpuMpPei/CpuMpPei.inf | 1 + UefiCpuPkg/CpuMpPei/CpuPaging.c | 202 ++++++++++++++------------------------- 3 files changed, 75 insertions(+), 129 deletions(-) diff --git a/UefiCpuPkg/CpuMpPei/CpuMpPei.h b/UefiCpuPkg/CpuMpPei/CpuMpPei.h index XXXXXXX..XXXXXXX 100644 --- a/UefiCpuPkg/CpuMpPei/CpuMpPei.h +++ b/UefiCpuPkg/CpuMpPei/CpuMpPei.h @@ -XXX,XX +XXX,XX @@ #include <Library/ReportStatusCodeLib.h> #include <Library/CpuExceptionHandlerLib.h> #include <Library/MpInitLib.h> #include <Library/BaseMemoryLib.h> #include <Library/MemoryAllocationLib.h> +#include <Library/CpuPageTableLib.h> extern EFI_PEI_PPI_DESCRIPTOR mPeiCpuMpPpiDesc; /** This service retrieves the number of logical processor in the platform diff --git a/UefiCpuPkg/CpuMpPei/CpuMpPei.inf b/UefiCpuPkg/CpuMpPei/CpuMpPei.inf index XXXXXXX..XXXXXXX 100644 --- a/UefiCpuPkg/CpuMpPei/CpuMpPei.inf +++ b/UefiCpuPkg/CpuMpPei/CpuMpPei.inf @@ -XXX,XX +XXX,XX @@ CpuExceptionHandlerLib MpInitLib BaseMemoryLib CpuLib MemoryAllocationLib + CpuPageTableLib [Guids] gEdkiiMigratedFvInfoGuid ## SOMETIMES_CONSUMES ## HOB [Ppis] diff --git a/UefiCpuPkg/CpuMpPei/CpuPaging.c b/UefiCpuPkg/CpuMpPei/CpuPaging.c index XXXXXXX..XXXXXXX 100644 --- a/UefiCpuPkg/CpuMpPei/CpuPaging.c +++ b/UefiCpuPkg/CpuMpPei/CpuPaging.c @@ -XXX,XX +XXX,XX @@ AllocatePageTableMemory ( } return Address; } -/** - Get the address width supported by current processor. - - @retval 32 If processor is in 32-bit mode. - @retval 36-48 If processor is in 64-bit mode. - -**/ -UINTN -GetPhysicalAddressWidth ( - VOID - ) -{ - UINT32 RegEax; - - if (sizeof (UINTN) == 4) { - return 32; - } - - AsmCpuid (CPUID_EXTENDED_FUNCTION, &RegEax, NULL, NULL, NULL); - if (RegEax >= CPUID_VIR_PHY_ADDRESS_SIZE) { - AsmCpuid (CPUID_VIR_PHY_ADDRESS_SIZE, &RegEax, NULL, NULL, NULL); - RegEax &= 0xFF; - if (RegEax > 48) { - return 48; - } - - return (UINTN)RegEax; - } - - return 36; -} - /** Get the type of top level page table. @retval Page512G PML4 paging. @retval Page1G PAE paging. @@ -XXX,XX +XXX,XX @@ ConvertMemoryPageAttributes ( return RETURN_SUCCESS; } /** - Get maximum size of page memory supported by current processor. - - @param[in] TopLevelType The type of top level page entry. - - @retval Page1G If processor supports 1G page and PML4. - @retval Page2M For all other situations. - -**/ -PAGE_ATTRIBUTE -GetMaxMemoryPage ( - IN PAGE_ATTRIBUTE TopLevelType - ) -{ - UINT32 RegEax; - UINT32 RegEdx; - - if (TopLevelType == Page512G) { - AsmCpuid (CPUID_EXTENDED_FUNCTION, &RegEax, NULL, NULL, NULL); - if (RegEax >= CPUID_EXTENDED_CPU_SIG) { - AsmCpuid (CPUID_EXTENDED_CPU_SIG, NULL, NULL, NULL, &RegEdx); - if ((RegEdx & BIT26) != 0) { - return Page1G; - } - } - } - - return Page2M; -} - -/** - Create PML4 or PAE page table. + Enable PAE Page Table. - @return The address of page table. + @retval EFI_SUCCESS The PAE Page Table was enabled successfully. + @retval EFI_OUT_OF_RESOURCES The PAE Page Table could not be enabled due to lack of available memory. **/ -UINTN -CreatePageTable ( +EFI_STATUS +EnablePaePageTable ( VOID ) { - RETURN_STATUS Status; - UINTN PhysicalAddressBits; - UINTN NumberOfEntries; - PAGE_ATTRIBUTE TopLevelPageAttr; - UINTN PageTable; - PAGE_ATTRIBUTE MaxMemoryPage; - UINTN Index; - UINT64 AddressEncMask; - UINT64 *PageEntry; - EFI_PHYSICAL_ADDRESS PhysicalAddress; + EFI_STATUS Status; + + UINTN PageTable; + VOID *Buffer; + UINTN BufferSize; + IA32_MAP_ATTRIBUTE MapAttribute; + IA32_MAP_ATTRIBUTE MapMask; + + PageTable = 0; + Buffer = NULL; + BufferSize = 0; + MapAttribute.Uint64 = 0; + MapMask.Uint64 = MAX_UINT64; + MapAttribute.Bits.Present = 1; + MapAttribute.Bits.ReadWrite = 1; - TopLevelPageAttr = (PAGE_ATTRIBUTE)GetPageTableTopLevelType (); - PhysicalAddressBits = GetPhysicalAddressWidth (); - NumberOfEntries = (UINTN)1 << (PhysicalAddressBits - - mPageAttributeTable[TopLevelPageAttr].AddressBitOffset); - - PageTable = (UINTN)AllocatePageTableMemory (1); - if (PageTable == 0) { - return 0; + // + // 1:1 map 4GB in 32bit mode + // + Status = PageTableMap (&PageTable, PagingPae, 0, &BufferSize, 0, SIZE_4GB, &MapAttribute, &MapMask, NULL); + ASSERT (Status == EFI_BUFFER_TOO_SMALL); + if (Status != EFI_BUFFER_TOO_SMALL) { + return Status; } - AddressEncMask = PcdGet64 (PcdPteMemoryEncryptionAddressOrMask); - AddressEncMask &= mPageAttributeTable[TopLevelPageAttr].AddressMask; - MaxMemoryPage = GetMaxMemoryPage (TopLevelPageAttr); - PageEntry = (UINT64 *)PageTable; - - PhysicalAddress = 0; - for (Index = 0; Index < NumberOfEntries; ++Index) { - *PageEntry = PhysicalAddress | AddressEncMask | PAGE_ATTRIBUTE_BITS; + // + // Allocate required Buffer. + // + Buffer = AllocatePageTableMemory (EFI_SIZE_TO_PAGES (BufferSize)); + ASSERT (Buffer != NULL); + if (Buffer == NULL) { + return EFI_OUT_OF_RESOURCES; + } - // - // Split the top page table down to the maximum page size supported - // - if (MaxMemoryPage < TopLevelPageAttr) { - Status = SplitPage (PageEntry, TopLevelPageAttr, MaxMemoryPage, TRUE); - ASSERT_EFI_ERROR (Status); - } + Status = PageTableMap (&PageTable, PagingPae, Buffer, &BufferSize, 0, SIZE_4GB, &MapAttribute, &MapMask, NULL); + ASSERT_EFI_ERROR (Status); + if (EFI_ERROR (Status) || (PageTable == 0)) { + return EFI_OUT_OF_RESOURCES; + } - if (TopLevelPageAttr == Page1G) { - // - // PDPTE[2:1] (PAE Paging) must be 0. SplitPage() might change them to 1. - // - *PageEntry &= ~(UINT64)(IA32_PG_RW | IA32_PG_U); - } + // + // Write the Pagetable to CR3. + // + AsmWriteCr3 (PageTable); - PageEntry += 1; - PhysicalAddress += mPageAttributeTable[TopLevelPageAttr].Length; - } + // + // Enable CR4.PAE + // + AsmWriteCr4 (AsmReadCr4 () | BIT5); - return PageTable; -} + // + // Enable CR0.PG + // + AsmWriteCr0 (AsmReadCr0 () | BIT31); -/** - Setup page tables and make them work. + DEBUG (( + DEBUG_INFO, + "EnablePaePageTable: Created PageTable = 0x%x, BufferSize = %x\n", + PageTable, + BufferSize + )); -**/ -VOID -EnablePaging ( - VOID - ) -{ - UINTN PageTable; - - PageTable = CreatePageTable (); - ASSERT (PageTable != 0); - if (PageTable != 0) { - AsmWriteCr3 (PageTable); - AsmWriteCr4 (AsmReadCr4 () | BIT5); // CR4.PAE - AsmWriteCr0 (AsmReadCr0 () | BIT31); // CR0.PG - } + return Status; } /** Get the base address of current AP's stack. @@ -XXX,XX +XXX,XX @@ MemoryDiscoveredPpiNotifyCallback ( { EFI_STATUS Status; BOOLEAN InitStackGuard; EDKII_MIGRATED_FV_INFO *MigratedFvInfo; EFI_PEI_HOB_POINTERS Hob; + IA32_CR0 Cr0; // // Paging must be setup first. Otherwise the exception TSS setup during MP // initialization later will not contain paging information and then fail // the task switch (for the sake of stack switch). @@ -XXX,XX +XXX,XX @@ MemoryDiscoveredPpiNotifyCallback ( if (IsIa32PaeSupported ()) { Hob.Raw = GetFirstGuidHob (&gEdkiiMigratedFvInfoGuid); InitStackGuard = PcdGetBool (PcdCpuStackGuard); } - if (InitStackGuard || (Hob.Raw != NULL)) { - EnablePaging (); + // + // Some security features depend on the page table enabling. So, here + // is to enable paging if it is not enabled (only in 32bit mode). + // + Cr0.UintN = AsmReadCr0 (); + if ((Cr0.Bits.PG == 0) && (InitStackGuard || (Hob.Raw != NULL))) { + ASSERT (sizeof (UINTN) == sizeof (UINT32)); + + Status = EnablePaePageTable (); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "MemoryDiscoveredPpiNotifyCallback: Failed to enable PAE page table: %r.\n", Status)); + CpuDeadLoop (); + } } Status = InitializeCpuMpWorker ((CONST EFI_PEI_SERVICES **)PeiServices); ASSERT_EFI_ERROR (Status); -- 2.16.2.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#104841): https://edk2.groups.io/g/devel/message/104841 Mute This Topic: https://groups.io/mt/98895182/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=-=-=-=-=-=-=-=-=-=-=-
System paging 5 level enabled or not can be checked via CR4.LA57, system preferred Page table Level (PcdUse5LevelPageTable) must align with previous level for 64bit long mode. This patch is to do the wise check: If cpu has already run in 64bit long mode PEI, Page table Level in DXE must align with previous level. If cpu runs in 32bit protected mode PEI, Page table Level in DXE is decided by PCD and feature capability. Cc: Dandan Bi <dandan.bi@intel.com> Cc: Liming Gao <gaoliming@byosoft.com.cn> Cc: Eric Dong <eric.dong@intel.com> Cc: Ray Ni <ray.ni@intel.com> Cc: Zeng Star <star.zeng@intel.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Cc: Rahul Kumar <rahul1.kumar@intel.com> Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com> --- MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c | 36 ++++++++++++++++-------- 1 file changed, 24 insertions(+), 12 deletions(-) diff --git a/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c b/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c index XXXXXXX..XXXXXXX 100644 --- a/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c +++ b/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c @@ -XXX,XX +XXX,XX @@ CreateIdentityMappingPageTables ( } else { PhysicalAddressBits = 36; } } - Page5LevelSupport = FALSE; - if (PcdGetBool (PcdUse5LevelPageTable)) { - AsmCpuidEx ( - CPUID_STRUCTURED_EXTENDED_FEATURE_FLAGS, - CPUID_STRUCTURED_EXTENDED_FEATURE_FLAGS_SUB_LEAF_INFO, - NULL, - NULL, - &EcxFlags.Uint32, - NULL - ); - if (EcxFlags.Bits.FiveLevelPage != 0) { - Page5LevelSupport = TRUE; + if (sizeof (UINTN) == sizeof (UINT64)) { + // + // If cpu has already run in 64bit long mode PEI, Page table Level in DXE must align with previous level. + // + Cr4.UintN = AsmReadCr4 (); + Page5LevelSupport = (Cr4.Bits.LA57 != 0); + ASSERT (PcdGetBool (PcdUse5LevelPageTable) == Page5LevelSupport); + } else { + // + // If cpu runs in 32bit protected mode PEI, Page table Level in DXE is decided by PCD and feature capability. + // + Page5LevelSupport = FALSE; + if (PcdGetBool (PcdUse5LevelPageTable)) { + AsmCpuidEx ( + CPUID_STRUCTURED_EXTENDED_FEATURE_FLAGS, + CPUID_STRUCTURED_EXTENDED_FEATURE_FLAGS_SUB_LEAF_INFO, + NULL, + NULL, + &EcxFlags.Uint32, + NULL + ); + if (EcxFlags.Bits.FiveLevelPage != 0) { + Page5LevelSupport = TRUE; + } } } DEBUG ((DEBUG_INFO, "AddressBits=%u 5LevelPaging=%u 1GPage=%u\n", PhysicalAddressBits, Page5LevelSupport, Page1GSupport)); -- 2.16.2.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#104842): https://edk2.groups.io/g/devel/message/104842 Mute This Topic: https://groups.io/mt/98895183/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=-=-=-=-=-=-=-=-=-=-=-
Add CpuPageTableLib required by SecCore & CpuMpPei in OvmfPkg. Cc: Ard Biesheuvel <ardb+tianocore@kernel.org> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Cc: Ray Ni <ray.ni@intel.com> Cc: Zeng Star <star.zeng@intel.com> Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com> --- OvmfPkg/AmdSev/AmdSevX64.dsc | 2 +- OvmfPkg/CloudHv/CloudHvX64.dsc | 2 +- OvmfPkg/IntelTdx/IntelTdxX64.dsc | 3 +-- OvmfPkg/Microvm/MicrovmX64.dsc | 2 +- OvmfPkg/OvmfPkgIa32.dsc | 1 + OvmfPkg/OvmfPkgIa32X64.dsc | 2 +- OvmfPkg/OvmfPkgX64.dsc | 3 +-- OvmfPkg/OvmfXen.dsc | 2 +- 8 files changed, 8 insertions(+), 9 deletions(-) diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc index XXXXXXX..XXXXXXX 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.dsc +++ b/OvmfPkg/AmdSev/AmdSevX64.dsc @@ -XXX,XX +XXX,XX @@ IoLib|MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicSev.inf OemHookStatusCodeLib|MdeModulePkg/Library/OemHookStatusCodeLibNull/OemHookStatusCodeLibNull.inf SerialPortLib|PcAtChipsetPkg/Library/SerialIoLib/SerialIoLib.inf MtrrLib|UefiCpuPkg/Library/MtrrLib/MtrrLib.inf MicrocodeLib|UefiCpuPkg/Library/MicrocodeLib/MicrocodeLib.inf + CpuPageTableLib|UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableLib.inf UefiLib|MdePkg/Library/UefiLib/UefiLib.inf UefiBootServicesTableLib|MdePkg/Library/UefiBootServicesTableLib/UefiBootServicesTableLib.inf UefiRuntimeServicesTableLib|MdePkg/Library/UefiRuntimeServicesTableLib/UefiRuntimeServicesTableLib.inf UefiDriverEntryPoint|MdePkg/Library/UefiDriverEntryPoint/UefiDriverEntryPoint.inf UefiApplicationEntryPoint|MdePkg/Library/UefiApplicationEntryPoint/UefiApplicationEntryPoint.inf @@ -XXX,XX +XXX,XX @@ LockBoxLib|OvmfPkg/Library/LockBoxLib/LockBoxDxeLib.inf !if $(SOURCE_DEBUG_ENABLE) == TRUE DebugAgentLib|SourceLevelDebugPkg/Library/DebugAgent/DxeDebugAgentLib.inf !endif PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf - CpuPageTableLib|UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableLib.inf MpInitLib|UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf NestedInterruptTplLib|OvmfPkg/Library/NestedInterruptTplLib/NestedInterruptTplLib.inf QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf QemuLoadImageLib|OvmfPkg/Library/GenericQemuLoadImageLib/GenericQemuLoadImageLib.inf diff --git a/OvmfPkg/CloudHv/CloudHvX64.dsc b/OvmfPkg/CloudHv/CloudHvX64.dsc index XXXXXXX..XXXXXXX 100644 --- a/OvmfPkg/CloudHv/CloudHvX64.dsc +++ b/OvmfPkg/CloudHv/CloudHvX64.dsc @@ -XXX,XX +XXX,XX @@ IoLib|MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicSev.inf OemHookStatusCodeLib|MdeModulePkg/Library/OemHookStatusCodeLibNull/OemHookStatusCodeLibNull.inf SerialPortLib|PcAtChipsetPkg/Library/SerialIoLib/SerialIoLib.inf MtrrLib|UefiCpuPkg/Library/MtrrLib/MtrrLib.inf MicrocodeLib|UefiCpuPkg/Library/MicrocodeLib/MicrocodeLib.inf + CpuPageTableLib|UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableLib.inf UefiLib|MdePkg/Library/UefiLib/UefiLib.inf UefiBootServicesTableLib|MdePkg/Library/UefiBootServicesTableLib/UefiBootServicesTableLib.inf UefiRuntimeServicesTableLib|MdePkg/Library/UefiRuntimeServicesTableLib/UefiRuntimeServicesTableLib.inf UefiDriverEntryPoint|MdePkg/Library/UefiDriverEntryPoint/UefiDriverEntryPoint.inf UefiApplicationEntryPoint|MdePkg/Library/UefiApplicationEntryPoint/UefiApplicationEntryPoint.inf @@ -XXX,XX +XXX,XX @@ !endif !if $(SOURCE_DEBUG_ENABLE) == TRUE DebugAgentLib|SourceLevelDebugPkg/Library/DebugAgent/DxeDebugAgentLib.inf !endif PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf - CpuPageTableLib|UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableLib.inf MpInitLib|UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf NestedInterruptTplLib|OvmfPkg/Library/NestedInterruptTplLib/NestedInterruptTplLib.inf QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf QemuLoadImageLib|OvmfPkg/Library/X86QemuLoadImageLib/X86QemuLoadImageLib.inf diff --git a/OvmfPkg/IntelTdx/IntelTdxX64.dsc b/OvmfPkg/IntelTdx/IntelTdxX64.dsc index XXXXXXX..XXXXXXX 100644 --- a/OvmfPkg/IntelTdx/IntelTdxX64.dsc +++ b/OvmfPkg/IntelTdx/IntelTdxX64.dsc @@ -XXX,XX +XXX,XX @@ IoLib|MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicSev.inf OemHookStatusCodeLib|MdeModulePkg/Library/OemHookStatusCodeLibNull/OemHookStatusCodeLibNull.inf SerialPortLib|PcAtChipsetPkg/Library/SerialIoLib/SerialIoLib.inf MtrrLib|UefiCpuPkg/Library/MtrrLib/MtrrLib.inf MicrocodeLib|UefiCpuPkg/Library/MicrocodeLib/MicrocodeLib.inf + CpuPageTableLib|UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableLib.inf UefiLib|MdePkg/Library/UefiLib/UefiLib.inf UefiBootServicesTableLib|MdePkg/Library/UefiBootServicesTableLib/UefiBootServicesTableLib.inf UefiRuntimeServicesTableLib|MdePkg/Library/UefiRuntimeServicesTableLib/UefiRuntimeServicesTableLib.inf UefiDriverEntryPoint|MdePkg/Library/UefiDriverEntryPoint/UefiDriverEntryPoint.inf UefiApplicationEntryPoint|MdePkg/Library/UefiApplicationEntryPoint/UefiApplicationEntryPoint.inf @@ -XXX,XX +XXX,XX @@ PlatformBmPrintScLib|OvmfPkg/Library/PlatformBmPrintScLib/PlatformBmPrintScLib.inf QemuBootOrderLib|OvmfPkg/Library/QemuBootOrderLib/QemuBootOrderLib.inf CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/DxeCpuExceptionHandlerLib.inf LockBoxLib|OvmfPkg/Library/LockBoxLib/LockBoxDxeLib.inf PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf - CpuPageTableLib|UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableLib.inf MpInitLib|UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf NestedInterruptTplLib|OvmfPkg/Library/NestedInterruptTplLib/NestedInterruptTplLib.inf QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf QemuLoadImageLib|OvmfPkg/Library/X86QemuLoadImageLib/X86QemuLoadImageLib.inf @@ -XXX,XX +XXX,XX @@ <LibraryClasses> # # Directly use DxeMpInitLib. It depends on DxeMpInitLibMpDepLib which # checks the Protocol of gEfiMpInitLibMpDepProtocolGuid. # - CpuPageTableLib|UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableLib.inf MpInitLib|UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf NULL|OvmfPkg/Library/MpInitLibDepLib/DxeMpInitLibMpDepLib.inf } UefiCpuPkg/CpuDxe/CpuDxe.inf { diff --git a/OvmfPkg/Microvm/MicrovmX64.dsc b/OvmfPkg/Microvm/MicrovmX64.dsc index XXXXXXX..XXXXXXX 100644 --- a/OvmfPkg/Microvm/MicrovmX64.dsc +++ b/OvmfPkg/Microvm/MicrovmX64.dsc @@ -XXX,XX +XXX,XX @@ IoLib|MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicSev.inf OemHookStatusCodeLib|MdeModulePkg/Library/OemHookStatusCodeLibNull/OemHookStatusCodeLibNull.inf SerialPortLib|PcAtChipsetPkg/Library/SerialIoLib/SerialIoLib.inf MtrrLib|UefiCpuPkg/Library/MtrrLib/MtrrLib.inf MicrocodeLib|UefiCpuPkg/Library/MicrocodeLib/MicrocodeLib.inf + CpuPageTableLib|UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableLib.inf UefiLib|MdePkg/Library/UefiLib/UefiLib.inf UefiBootServicesTableLib|MdePkg/Library/UefiBootServicesTableLib/UefiBootServicesTableLib.inf UefiRuntimeServicesTableLib|MdePkg/Library/UefiRuntimeServicesTableLib/UefiRuntimeServicesTableLib.inf UefiDriverEntryPoint|MdePkg/Library/UefiDriverEntryPoint/UefiDriverEntryPoint.inf UefiApplicationEntryPoint|MdePkg/Library/UefiApplicationEntryPoint/UefiApplicationEntryPoint.inf @@ -XXX,XX +XXX,XX @@ DebugAgentLib|SourceLevelDebugPkg/Library/DebugAgent/DxeDebugAgentLib.inf !endif PciLib|MdePkg/Library/BasePciLibPciExpress/BasePciLibPciExpress.inf PciPcdProducerLib|OvmfPkg/Fdt/FdtPciPcdProducerLib/FdtPciPcdProducerLib.inf PciExpressLib|OvmfPkg/Library/BaseCachingPciExpressLib/BaseCachingPciExpressLib.inf - CpuPageTableLib|UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableLib.inf MpInitLib|UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf NestedInterruptTplLib|OvmfPkg/Library/NestedInterruptTplLib/NestedInterruptTplLib.inf QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf QemuLoadImageLib|OvmfPkg/Library/X86QemuLoadImageLib/X86QemuLoadImageLib.inf diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc index XXXXXXX..XXXXXXX 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc @@ -XXX,XX +XXX,XX @@ IoLib|MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicSev.inf OemHookStatusCodeLib|MdeModulePkg/Library/OemHookStatusCodeLibNull/OemHookStatusCodeLibNull.inf SerialPortLib|PcAtChipsetPkg/Library/SerialIoLib/SerialIoLib.inf MtrrLib|UefiCpuPkg/Library/MtrrLib/MtrrLib.inf MicrocodeLib|UefiCpuPkg/Library/MicrocodeLib/MicrocodeLib.inf + CpuPageTableLib|UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableLib.inf UefiLib|MdePkg/Library/UefiLib/UefiLib.inf UefiBootServicesTableLib|MdePkg/Library/UefiBootServicesTableLib/UefiBootServicesTableLib.inf UefiRuntimeServicesTableLib|MdePkg/Library/UefiRuntimeServicesTableLib/UefiRuntimeServicesTableLib.inf UefiDriverEntryPoint|MdePkg/Library/UefiDriverEntryPoint/UefiDriverEntryPoint.inf UefiApplicationEntryPoint|MdePkg/Library/UefiApplicationEntryPoint/UefiApplicationEntryPoint.inf diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc index XXXXXXX..XXXXXXX 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc @@ -XXX,XX +XXX,XX @@ IoLib|MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicSev.inf OemHookStatusCodeLib|MdeModulePkg/Library/OemHookStatusCodeLibNull/OemHookStatusCodeLibNull.inf SerialPortLib|PcAtChipsetPkg/Library/SerialIoLib/SerialIoLib.inf MtrrLib|UefiCpuPkg/Library/MtrrLib/MtrrLib.inf MicrocodeLib|UefiCpuPkg/Library/MicrocodeLib/MicrocodeLib.inf + CpuPageTableLib|UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableLib.inf UefiLib|MdePkg/Library/UefiLib/UefiLib.inf UefiBootServicesTableLib|MdePkg/Library/UefiBootServicesTableLib/UefiBootServicesTableLib.inf UefiRuntimeServicesTableLib|MdePkg/Library/UefiRuntimeServicesTableLib/UefiRuntimeServicesTableLib.inf UefiDriverEntryPoint|MdePkg/Library/UefiDriverEntryPoint/UefiDriverEntryPoint.inf UefiApplicationEntryPoint|MdePkg/Library/UefiApplicationEntryPoint/UefiApplicationEntryPoint.inf @@ -XXX,XX +XXX,XX @@ !endif !if $(SOURCE_DEBUG_ENABLE) == TRUE DebugAgentLib|SourceLevelDebugPkg/Library/DebugAgent/DxeDebugAgentLib.inf !endif PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf - CpuPageTableLib|UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableLib.inf MpInitLib|UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf NestedInterruptTplLib|OvmfPkg/Library/NestedInterruptTplLib/NestedInterruptTplLib.inf QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf QemuLoadImageLib|OvmfPkg/Library/X86QemuLoadImageLib/X86QemuLoadImageLib.inf diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc index XXXXXXX..XXXXXXX 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc @@ -XXX,XX +XXX,XX @@ IoLib|MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicSev.inf OemHookStatusCodeLib|MdeModulePkg/Library/OemHookStatusCodeLibNull/OemHookStatusCodeLibNull.inf SerialPortLib|PcAtChipsetPkg/Library/SerialIoLib/SerialIoLib.inf MtrrLib|UefiCpuPkg/Library/MtrrLib/MtrrLib.inf MicrocodeLib|UefiCpuPkg/Library/MicrocodeLib/MicrocodeLib.inf + CpuPageTableLib|UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableLib.inf UefiLib|MdePkg/Library/UefiLib/UefiLib.inf UefiBootServicesTableLib|MdePkg/Library/UefiBootServicesTableLib/UefiBootServicesTableLib.inf UefiRuntimeServicesTableLib|MdePkg/Library/UefiRuntimeServicesTableLib/UefiRuntimeServicesTableLib.inf UefiDriverEntryPoint|MdePkg/Library/UefiDriverEntryPoint/UefiDriverEntryPoint.inf UefiApplicationEntryPoint|MdePkg/Library/UefiApplicationEntryPoint/UefiApplicationEntryPoint.inf @@ -XXX,XX +XXX,XX @@ !endif !if $(SOURCE_DEBUG_ENABLE) == TRUE DebugAgentLib|SourceLevelDebugPkg/Library/DebugAgent/DxeDebugAgentLib.inf !endif PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf - CpuPageTableLib|UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableLib.inf MpInitLib|UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf NestedInterruptTplLib|OvmfPkg/Library/NestedInterruptTplLib/NestedInterruptTplLib.inf QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf QemuLoadImageLib|OvmfPkg/Library/X86QemuLoadImageLib/X86QemuLoadImageLib.inf @@ -XXX,XX +XXX,XX @@ <LibraryClasses> # # Directly use DxeMpInitLib. It depends on DxeMpInitLibMpDepLib which # checks the Protocol of gEfiMpInitLibMpDepProtocolGuid. # - CpuPageTableLib|UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableLib.inf MpInitLib|UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf NULL|OvmfPkg/Library/MpInitLibDepLib/DxeMpInitLibMpDepLib.inf } UefiCpuPkg/CpuDxe/CpuDxe.inf { diff --git a/OvmfPkg/OvmfXen.dsc b/OvmfPkg/OvmfXen.dsc index XXXXXXX..XXXXXXX 100644 --- a/OvmfPkg/OvmfXen.dsc +++ b/OvmfPkg/OvmfXen.dsc @@ -XXX,XX +XXX,XX @@ IoLib|MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicSev.inf OemHookStatusCodeLib|MdeModulePkg/Library/OemHookStatusCodeLibNull/OemHookStatusCodeLibNull.inf SerialPortLib|PcAtChipsetPkg/Library/SerialIoLib/SerialIoLib.inf MtrrLib|UefiCpuPkg/Library/MtrrLib/MtrrLib.inf MicrocodeLib|UefiCpuPkg/Library/MicrocodeLib/MicrocodeLib.inf + CpuPageTableLib|UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableLib.inf UefiLib|MdePkg/Library/UefiLib/UefiLib.inf UefiBootServicesTableLib|MdePkg/Library/UefiBootServicesTableLib/UefiBootServicesTableLib.inf UefiRuntimeServicesTableLib|MdePkg/Library/UefiRuntimeServicesTableLib/UefiRuntimeServicesTableLib.inf UefiDriverEntryPoint|MdePkg/Library/UefiDriverEntryPoint/UefiDriverEntryPoint.inf UefiApplicationEntryPoint|MdePkg/Library/UefiApplicationEntryPoint/UefiApplicationEntryPoint.inf @@ -XXX,XX +XXX,XX @@ LockBoxLib|OvmfPkg/Library/LockBoxLib/LockBoxDxeLib.inf !if $(SOURCE_DEBUG_ENABLE) == TRUE DebugAgentLib|SourceLevelDebugPkg/Library/DebugAgent/DxeDebugAgentLib.inf !endif PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf - CpuPageTableLib|UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableLib.inf MpInitLib|UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf NestedInterruptTplLib|OvmfPkg/Library/NestedInterruptTplLib/NestedInterruptTplLib.inf QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf [LibraryClasses.common.UEFI_APPLICATION] -- 2.16.2.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#104843): https://edk2.groups.io/g/devel/message/104843 Mute This Topic: https://groups.io/mt/98895186/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=-=-=-=-=-=-=-=-=-=-=-
Add CpuPageTableLib required by SecCore & CpuMpPei in UefiPayloadPkg. Cc: Guo Dong <guo.dong@intel.com> Cc: Sean Rhodes <sean@starlabs.systems> Cc: James Lu <james.lu@intel.com> Cc: Gua Guo <gua.guo@intel.com> Cc: Ray Ni <ray.ni@intel.com> Cc: Zeng Star <star.zeng@intel.com> Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com> --- UefiPayloadPkg/UefiPayloadPkg.dsc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/UefiPayloadPkg/UefiPayloadPkg.dsc b/UefiPayloadPkg/UefiPayloadPkg.dsc index XXXXXXX..XXXXXXX 100644 --- a/UefiPayloadPkg/UefiPayloadPkg.dsc +++ b/UefiPayloadPkg/UefiPayloadPkg.dsc @@ -XXX,XX +XXX,XX @@ # CPU # MtrrLib|UefiCpuPkg/Library/MtrrLib/MtrrLib.inf LocalApicLib|UefiCpuPkg/Library/BaseXApicX2ApicLib/BaseXApicX2ApicLib.inf MicrocodeLib|UefiCpuPkg/Library/MicrocodeLib/MicrocodeLib.inf + CpuPageTableLib|UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableLib.inf # # Platform # !if $(CPU_TIMER_LIB_ENABLE) == TRUE && $(UNIVERSAL_PAYLOAD) == TRUE @@ -XXX,XX +XXX,XX @@ ReportStatusCodeLib|MdeModulePkg/Library/DxeReportStatusCodeLib/DxeReportStatusCodeLib.inf !if $(SOURCE_DEBUG_ENABLE) DebugAgentLib|SourceLevelDebugPkg/Library/DebugAgent/DxeDebugAgentLib.inf !endif CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/DxeCpuExceptionHandlerLib.inf - CpuPageTableLib|UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableLib.inf MpInitLib|UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf !if $(PERFORMANCE_MEASUREMENT_ENABLE) PerformanceLib|MdeModulePkg/Library/DxePerformanceLib/DxePerformanceLib.inf !endif -- 2.16.2.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#104844): https://edk2.groups.io/g/devel/message/104844 Mute This Topic: https://groups.io/mt/98895187/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=-=-=-=-=-=-=-=-=-=-=-