Background:
For arch X64, system will enable the page table in SPI to cover 0-512G
range via CR4.PAE & MSR.LME & CR0.PG & CR3 setting (see ResetVector code).
Existing code doesn't cover the higher address access above 512G before
memory-discovered callback. That will be potential problem if system
access the higher address after the transition from temporary RAM to
permanent MEM RAM.
Solution:
This patch is to migrate page table to permanent memory to map entire physical
address space if CR0.PG is set during temporary RAM Done.
Cc: Eric Dong <eric.dong@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Zeng Star <star.zeng@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>
---
UefiCpuPkg/SecCore/SecCore.inf | 1 +
UefiCpuPkg/SecCore/SecCoreNative.inf | 1 +
UefiCpuPkg/SecCore/SecMain.c | 147 +++++++++++++++++++++++++++++++++++
UefiCpuPkg/SecCore/SecMain.h | 4 +
4 files changed, 153 insertions(+)
diff --git a/UefiCpuPkg/SecCore/SecCore.inf b/UefiCpuPkg/SecCore/SecCore.inf
index 3758aded3b..cab69b8b97 100644
--- a/UefiCpuPkg/SecCore/SecCore.inf
+++ b/UefiCpuPkg/SecCore/SecCore.inf
@@ -53,10 +53,11 @@
CpuExceptionHandlerLib
ReportStatusCodeLib
PeiServicesLib
PeiServicesTablePointerLib
HobLib
+ CpuPageTableLib
[Ppis]
## SOMETIMES_CONSUMES
## PRODUCES
gEfiSecPlatformInformationPpiGuid
diff --git a/UefiCpuPkg/SecCore/SecCoreNative.inf b/UefiCpuPkg/SecCore/SecCoreNative.inf
index 1ee6ff7d88..fa241cca94 100644
--- a/UefiCpuPkg/SecCore/SecCoreNative.inf
+++ b/UefiCpuPkg/SecCore/SecCoreNative.inf
@@ -50,10 +50,11 @@
CpuExceptionHandlerLib
ReportStatusCodeLib
PeiServicesLib
PeiServicesTablePointerLib
HobLib
+ CpuPageTableLib
[Ppis]
## SOMETIMES_CONSUMES
## PRODUCES
gEfiSecPlatformInformationPpiGuid
diff --git a/UefiCpuPkg/SecCore/SecMain.c b/UefiCpuPkg/SecCore/SecMain.c
index 95375850ec..b0ab6cdae4 100644
--- a/UefiCpuPkg/SecCore/SecMain.c
+++ b/UefiCpuPkg/SecCore/SecMain.c
@@ -70,10 +70,139 @@ MigrateGdt (
AsmWriteGdtr (&Gdtr);
return EFI_SUCCESS;
}
+/**
+ Migrate page table to permanent memory mapping entire physical address space.
+
+ @retval EFI_SUCCESS The PageTable was migrated successfully.
+ @retval EFI_UNSUPPORTED Unsupport to migrate page table to permanent memory if IA-32e Mode not actived.
+ @retval EFI_OUT_OF_RESOURCES The PageTable could not be migrated due to lack of available memory.
+
+**/
+EFI_STATUS
+MigratePageTable (
+ VOID
+ )
+{
+ EFI_STATUS Status;
+ IA32_CR4 Cr4;
+ BOOLEAN Page5LevelSupport;
+ UINT32 RegEax;
+ CPUID_EXTENDED_CPU_SIG_EDX RegEdx;
+ BOOLEAN Page1GSupport;
+ PAGING_MODE PagingMode;
+ CPUID_VIR_PHY_ADDRESS_SIZE_EAX VirPhyAddressSize;
+ UINT32 MaxExtendedFunctionId;
+ UINTN PageTable;
+ EFI_PHYSICAL_ADDRESS Buffer;
+ UINTN BufferSize;
+ IA32_MAP_ATTRIBUTE MapAttribute;
+ IA32_MAP_ATTRIBUTE MapMask;
+
+ VirPhyAddressSize.Uint32 = 0;
+ PageTable = 0;
+ BufferSize = 0;
+ MapAttribute.Uint64 = 0;
+ MapMask.Uint64 = MAX_UINT64;
+ MapAttribute.Bits.Present = 1;
+ MapAttribute.Bits.ReadWrite = 1;
+
+ //
+ // Check Page5Level Support or not.
+ //
+ Cr4.UintN = AsmReadCr4 ();
+ Page5LevelSupport = (Cr4.Bits.LA57 ? TRUE : FALSE);
+
+ //
+ // Check Page1G Support or not.
+ //
+ Page1GSupport = FALSE;
+ AsmCpuid (CPUID_EXTENDED_FUNCTION, &RegEax, NULL, NULL, NULL);
+ if (RegEax >= CPUID_EXTENDED_CPU_SIG) {
+ AsmCpuid (CPUID_EXTENDED_CPU_SIG, NULL, NULL, NULL, &RegEdx.Uint32);
+ if (RegEdx.Bits.Page1GB != 0) {
+ Page1GSupport = TRUE;
+ }
+ }
+
+ //
+ // Decide Paging Mode according Page5LevelSupport & Page1GSupport.
+ //
+ if (Page5LevelSupport) {
+ PagingMode = Page1GSupport ? Paging5Level1GB : Paging5Level;
+ } else {
+ PagingMode = Page1GSupport ? Paging4Level1GB : Paging4Level;
+ }
+
+ //
+ // Get Maximum Physical Address Bits
+ // Get the number of address lines; Maximum Physical Address is 2^PhysicalAddressBits - 1.
+ // If CPUID does not supported, then use a max value of 36 as per SDM 3A, 4.1.4.
+ //
+ AsmCpuid (CPUID_EXTENDED_FUNCTION, &MaxExtendedFunctionId, NULL, NULL, NULL);
+ if (MaxExtendedFunctionId >= CPUID_VIR_PHY_ADDRESS_SIZE) {
+ AsmCpuid (CPUID_VIR_PHY_ADDRESS_SIZE, &VirPhyAddressSize.Uint32, NULL, NULL, NULL);
+ } else {
+ VirPhyAddressSize.Bits.PhysicalAddressBits = 36;
+ }
+
+ if ((PagingMode == Paging4Level1GB) || (PagingMode == Paging4Level)) {
+ //
+ // The max lineaddress bits is 48 for 4 level page table.
+ //
+ VirPhyAddressSize.Bits.PhysicalAddressBits = MIN (VirPhyAddressSize.Bits.PhysicalAddressBits, 48);
+ }
+
+ //
+ // Get required buffer size for the pagetable that will be created.
+ //
+ Status = PageTableMap (&PageTable, PagingMode, 0, &BufferSize, 0, LShiftU64 (1, VirPhyAddressSize.Bits.PhysicalAddressBits), &MapAttribute, &MapMask, NULL);
+ ASSERT (Status == EFI_BUFFER_TOO_SMALL);
+ if (Status != EFI_BUFFER_TOO_SMALL) {
+ return Status;
+ }
+
+ //
+ // Allocate required Buffer.
+ //
+ Status = PeiServicesAllocatePages (
+ EfiBootServicesData,
+ EFI_SIZE_TO_PAGES (BufferSize),
+ &Buffer
+ );
+ if (EFI_ERROR (Status)) {
+ return EFI_OUT_OF_RESOURCES;
+ }
+
+ //
+ // Create PageTable in permanent memory.
+ //
+ Status = PageTableMap (&PageTable, PagingMode, (VOID *)(UINTN)Buffer, &BufferSize, 0, LShiftU64 (1, VirPhyAddressSize.Bits.PhysicalAddressBits), &MapAttribute, &MapMask, NULL);
+ ASSERT_EFI_ERROR (Status);
+ if (EFI_ERROR (Status) || (PageTable == 0)) {
+ return EFI_OUT_OF_RESOURCES;
+ }
+
+ //
+ // Write the Pagetable to CR3.
+ //
+ AsmWriteCr3 (PageTable);
+
+ DEBUG ((
+ DEBUG_INFO,
+ "MigratePageTable: Created PageTable = 0x%lx, BufferSize = %x, PagingMode = 0x%lx, Support Max Physical Address Bits = %d\n",
+ PageTable,
+ BufferSize,
+ (UINTN)PagingMode,
+ VirPhyAddressSize.Bits.PhysicalAddressBits
+ ));
+
+ return Status;
+}
+
//
// These are IDT entries pointing to 10:FFFFFFE4h.
//
UINT64 mIdtEntryTemplate = 0xffff8e000010ffe4ULL;
@@ -451,10 +580,11 @@ SecTemporaryRamDone (
EFI_STATUS Status2;
UINTN Index;
BOOLEAN State;
EFI_PEI_PPI_DESCRIPTOR *PeiPpiDescriptor;
REPUBLISH_SEC_PPI_PPI *RepublishSecPpiPpi;
+ IA32_CR0 Cr0;
//
// Republish Sec Platform Information(2) PPI
//
RepublishSecPlatformInformationPpi ();
@@ -492,10 +622,27 @@ SecTemporaryRamDone (
if (PcdGetBool (PcdMigrateTemporaryRamFirmwareVolumes)) {
Status = MigrateGdt ();
ASSERT_EFI_ERROR (Status);
}
+ //
+ // Migrate page table to permanent memory mapping entire physical address space if CR0.PG is set.
+ //
+ Cr0.UintN = AsmReadCr0 ();
+ if (Cr0.Bits.PG != 0) {
+ //
+ // Assume CPU runs in 64bit mode if paging is enabled.
+ //
+ ASSERT (sizeof (UINTN) == sizeof (UINT64));
+
+ Status = MigratePageTable ();
+ if (EFI_ERROR (Status)) {
+ DEBUG ((DEBUG_ERROR, "SecTemporaryRamDone: Failed to migrate page table to permanent memory: %r.\n", Status));
+ CpuDeadLoop ();
+ }
+ }
+
//
// Disable Temporary RAM after Stack and Heap have been migrated at this point.
//
SecPlatformDisableTemporaryMemory ();
diff --git a/UefiCpuPkg/SecCore/SecMain.h b/UefiCpuPkg/SecCore/SecMain.h
index 880e6cd1b8..b50d96e45b 100644
--- a/UefiCpuPkg/SecCore/SecMain.h
+++ b/UefiCpuPkg/SecCore/SecMain.h
@@ -17,10 +17,11 @@
#include <Ppi/PeiCoreFvLocation.h>
#include <Ppi/RepublishSecPpi.h>
#include <Guid/FirmwarePerformance.h>
+#include <Library/BaseLib.h>
#include <Library/DebugLib.h>
#include <Library/PcdLib.h>
#include <Library/BaseMemoryLib.h>
#include <Library/PlatformSecLib.h>
#include <Library/CpuLib.h>
@@ -30,10 +31,13 @@
#include <Library/CpuExceptionHandlerLib.h>
#include <Library/ReportStatusCodeLib.h>
#include <Library/PeiServicesTablePointerLib.h>
#include <Library/HobLib.h>
#include <Library/PeiServicesLib.h>
+#include <Library/CpuPageTableLib.h>
+#include <Register/Intel/Cpuid.h>
+#include <Register/Intel/Msr.h>
#define SEC_IDT_ENTRY_COUNT 34
typedef struct _SEC_IDT_TABLE {
//
--
2.16.2.windows.1
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#104840): https://edk2.groups.io/g/devel/message/104840
Mute This Topic: https://groups.io/mt/98895181/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-
Reviewed-by: Ray Ni <ray.ni@intel.com> ________________________________________ From: Wu, Jiaxin <jiaxin.wu@intel.com> Sent: Monday, May 15, 2023 10:15 To: devel@edk2.groups.io Cc: Dong, Eric; Ni, Ray; Zeng, Star; Gerd Hoffmann; Kumar, Rahul R Subject: [PATCH v3 1/5] UefiCpuPkg/SecCore: Migrate page table to permanent memory Background: For arch X64, system will enable the page table in SPI to cover 0-512G range via CR4.PAE & MSR.LME & CR0.PG & CR3 setting (see ResetVector code). Existing code doesn't cover the higher address access above 512G before memory-discovered callback. That will be potential problem if system access the higher address after the transition from temporary RAM to permanent MEM RAM. Solution: This patch is to migrate page table to permanent memory to map entire physical address space if CR0.PG is set during temporary RAM Done. Cc: Eric Dong <eric.dong@intel.com> Cc: Ray Ni <ray.ni@intel.com> Cc: Zeng Star <star.zeng@intel.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Cc: Rahul Kumar <rahul1.kumar@intel.com> Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com> --- UefiCpuPkg/SecCore/SecCore.inf | 1 + UefiCpuPkg/SecCore/SecCoreNative.inf | 1 + UefiCpuPkg/SecCore/SecMain.c | 147 +++++++++++++++++++++++++++++++++++ UefiCpuPkg/SecCore/SecMain.h | 4 + 4 files changed, 153 insertions(+) diff --git a/UefiCpuPkg/SecCore/SecCore.inf b/UefiCpuPkg/SecCore/SecCore.inf index 3758aded3b..cab69b8b97 100644 --- a/UefiCpuPkg/SecCore/SecCore.inf +++ b/UefiCpuPkg/SecCore/SecCore.inf @@ -53,10 +53,11 @@ CpuExceptionHandlerLib ReportStatusCodeLib PeiServicesLib PeiServicesTablePointerLib HobLib + CpuPageTableLib [Ppis] ## SOMETIMES_CONSUMES ## PRODUCES gEfiSecPlatformInformationPpiGuid diff --git a/UefiCpuPkg/SecCore/SecCoreNative.inf b/UefiCpuPkg/SecCore/SecCoreNative.inf index 1ee6ff7d88..fa241cca94 100644 --- a/UefiCpuPkg/SecCore/SecCoreNative.inf +++ b/UefiCpuPkg/SecCore/SecCoreNative.inf @@ -50,10 +50,11 @@ CpuExceptionHandlerLib ReportStatusCodeLib PeiServicesLib PeiServicesTablePointerLib HobLib + CpuPageTableLib [Ppis] ## SOMETIMES_CONSUMES ## PRODUCES gEfiSecPlatformInformationPpiGuid diff --git a/UefiCpuPkg/SecCore/SecMain.c b/UefiCpuPkg/SecCore/SecMain.c index 95375850ec..b0ab6cdae4 100644 --- a/UefiCpuPkg/SecCore/SecMain.c +++ b/UefiCpuPkg/SecCore/SecMain.c @@ -70,10 +70,139 @@ MigrateGdt ( AsmWriteGdtr (&Gdtr); return EFI_SUCCESS; } +/** + Migrate page table to permanent memory mapping entire physical address space. + + @retval EFI_SUCCESS The PageTable was migrated successfully. + @retval EFI_UNSUPPORTED Unsupport to migrate page table to permanent memory if IA-32e Mode not actived. + @retval EFI_OUT_OF_RESOURCES The PageTable could not be migrated due to lack of available memory. + +**/ +EFI_STATUS +MigratePageTable ( + VOID + ) +{ + EFI_STATUS Status; + IA32_CR4 Cr4; + BOOLEAN Page5LevelSupport; + UINT32 RegEax; + CPUID_EXTENDED_CPU_SIG_EDX RegEdx; + BOOLEAN Page1GSupport; + PAGING_MODE PagingMode; + CPUID_VIR_PHY_ADDRESS_SIZE_EAX VirPhyAddressSize; + UINT32 MaxExtendedFunctionId; + UINTN PageTable; + EFI_PHYSICAL_ADDRESS Buffer; + UINTN BufferSize; + IA32_MAP_ATTRIBUTE MapAttribute; + IA32_MAP_ATTRIBUTE MapMask; + + VirPhyAddressSize.Uint32 = 0; + PageTable = 0; + BufferSize = 0; + MapAttribute.Uint64 = 0; + MapMask.Uint64 = MAX_UINT64; + MapAttribute.Bits.Present = 1; + MapAttribute.Bits.ReadWrite = 1; + + // + // Check Page5Level Support or not. + // + Cr4.UintN = AsmReadCr4 (); + Page5LevelSupport = (Cr4.Bits.LA57 ? TRUE : FALSE); + + // + // Check Page1G Support or not. + // + Page1GSupport = FALSE; + AsmCpuid (CPUID_EXTENDED_FUNCTION, &RegEax, NULL, NULL, NULL); + if (RegEax >= CPUID_EXTENDED_CPU_SIG) { + AsmCpuid (CPUID_EXTENDED_CPU_SIG, NULL, NULL, NULL, &RegEdx.Uint32); + if (RegEdx.Bits.Page1GB != 0) { + Page1GSupport = TRUE; + } + } + + // + // Decide Paging Mode according Page5LevelSupport & Page1GSupport. + // + if (Page5LevelSupport) { + PagingMode = Page1GSupport ? Paging5Level1GB : Paging5Level; + } else { + PagingMode = Page1GSupport ? Paging4Level1GB : Paging4Level; + } + + // + // Get Maximum Physical Address Bits + // Get the number of address lines; Maximum Physical Address is 2^PhysicalAddressBits - 1. + // If CPUID does not supported, then use a max value of 36 as per SDM 3A, 4.1.4. + // + AsmCpuid (CPUID_EXTENDED_FUNCTION, &MaxExtendedFunctionId, NULL, NULL, NULL); + if (MaxExtendedFunctionId >= CPUID_VIR_PHY_ADDRESS_SIZE) { + AsmCpuid (CPUID_VIR_PHY_ADDRESS_SIZE, &VirPhyAddressSize.Uint32, NULL, NULL, NULL); + } else { + VirPhyAddressSize.Bits.PhysicalAddressBits = 36; + } + + if ((PagingMode == Paging4Level1GB) || (PagingMode == Paging4Level)) { + // + // The max lineaddress bits is 48 for 4 level page table. + // + VirPhyAddressSize.Bits.PhysicalAddressBits = MIN (VirPhyAddressSize.Bits.PhysicalAddressBits, 48); + } + + // + // Get required buffer size for the pagetable that will be created. + // + Status = PageTableMap (&PageTable, PagingMode, 0, &BufferSize, 0, LShiftU64 (1, VirPhyAddressSize.Bits.PhysicalAddressBits), &MapAttribute, &MapMask, NULL); + ASSERT (Status == EFI_BUFFER_TOO_SMALL); + if (Status != EFI_BUFFER_TOO_SMALL) { + return Status; + } + + // + // Allocate required Buffer. + // + Status = PeiServicesAllocatePages ( + EfiBootServicesData, + EFI_SIZE_TO_PAGES (BufferSize), + &Buffer + ); + if (EFI_ERROR (Status)) { + return EFI_OUT_OF_RESOURCES; + } + + // + // Create PageTable in permanent memory. + // + Status = PageTableMap (&PageTable, PagingMode, (VOID *)(UINTN)Buffer, &BufferSize, 0, LShiftU64 (1, VirPhyAddressSize.Bits.PhysicalAddressBits), &MapAttribute, &MapMask, NULL); + ASSERT_EFI_ERROR (Status); + if (EFI_ERROR (Status) || (PageTable == 0)) { + return EFI_OUT_OF_RESOURCES; + } + + // + // Write the Pagetable to CR3. + // + AsmWriteCr3 (PageTable); + + DEBUG (( + DEBUG_INFO, + "MigratePageTable: Created PageTable = 0x%lx, BufferSize = %x, PagingMode = 0x%lx, Support Max Physical Address Bits = %d\n", + PageTable, + BufferSize, + (UINTN)PagingMode, + VirPhyAddressSize.Bits.PhysicalAddressBits + )); + + return Status; +} + // // These are IDT entries pointing to 10:FFFFFFE4h. // UINT64 mIdtEntryTemplate = 0xffff8e000010ffe4ULL; @@ -451,10 +580,11 @@ SecTemporaryRamDone ( EFI_STATUS Status2; UINTN Index; BOOLEAN State; EFI_PEI_PPI_DESCRIPTOR *PeiPpiDescriptor; REPUBLISH_SEC_PPI_PPI *RepublishSecPpiPpi; + IA32_CR0 Cr0; // // Republish Sec Platform Information(2) PPI // RepublishSecPlatformInformationPpi (); @@ -492,10 +622,27 @@ SecTemporaryRamDone ( if (PcdGetBool (PcdMigrateTemporaryRamFirmwareVolumes)) { Status = MigrateGdt (); ASSERT_EFI_ERROR (Status); } + // + // Migrate page table to permanent memory mapping entire physical address space if CR0.PG is set. + // + Cr0.UintN = AsmReadCr0 (); + if (Cr0.Bits.PG != 0) { + // + // Assume CPU runs in 64bit mode if paging is enabled. + // + ASSERT (sizeof (UINTN) == sizeof (UINT64)); + + Status = MigratePageTable (); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "SecTemporaryRamDone: Failed to migrate page table to permanent memory: %r.\n", Status)); + CpuDeadLoop (); + } + } + // // Disable Temporary RAM after Stack and Heap have been migrated at this point. // SecPlatformDisableTemporaryMemory (); diff --git a/UefiCpuPkg/SecCore/SecMain.h b/UefiCpuPkg/SecCore/SecMain.h index 880e6cd1b8..b50d96e45b 100644 --- a/UefiCpuPkg/SecCore/SecMain.h +++ b/UefiCpuPkg/SecCore/SecMain.h @@ -17,10 +17,11 @@ #include <Ppi/PeiCoreFvLocation.h> #include <Ppi/RepublishSecPpi.h> #include <Guid/FirmwarePerformance.h> +#include <Library/BaseLib.h> #include <Library/DebugLib.h> #include <Library/PcdLib.h> #include <Library/BaseMemoryLib.h> #include <Library/PlatformSecLib.h> #include <Library/CpuLib.h> @@ -30,10 +31,13 @@ #include <Library/CpuExceptionHandlerLib.h> #include <Library/ReportStatusCodeLib.h> #include <Library/PeiServicesTablePointerLib.h> #include <Library/HobLib.h> #include <Library/PeiServicesLib.h> +#include <Library/CpuPageTableLib.h> +#include <Register/Intel/Cpuid.h> +#include <Register/Intel/Msr.h> #define SEC_IDT_ENTRY_COUNT 34 typedef struct _SEC_IDT_TABLE { // -- 2.16.2.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#104958): https://edk2.groups.io/g/devel/message/104958 Mute This Topic: https://groups.io/mt/98895181/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/leave/3901457/1787277/102458076/xyzzy [importer@patchew.org] -=-=-=-=-=-=-=-=-=-=-=-
© 2016 - 2024 Red Hat, Inc.