set shared bit to MMIO range reported by VMM #238

Open
wants to merge 1 commit into
base: TDVF
Expand Up @@ -15,7 +15,7 @@
FILE_GUID = 9fa36066-4745-47de-b488-7c3b5ba9b261
MODULE_TYPE = BASE
VERSION_STRING = 1.0
LIBRARY_CLASS = MemEncryptLib|PEIM DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SMM_DRIVER UEFI_DRIVER
LIBRARY_CLASS = MemEncryptLib|SEC DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SMM_DRIVER UEFI_DRIVER

#
# The following information is for reference only and not required by the build
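--- a/TdvfPkg/Library/BaseMemEncryptTdxLib/MemoryEncryption.c
+++ b/TdvfPkg/Library/BaseMemEncryptTdxLib/MemoryEncryption.c
@@ -53,6 +53,15 @@ MemEncryptIsEnabled (
 return TRUE;
 }
 
+VOID
+EFIAPI
+SetMemEncryptionAddressMask (
+IN UINT64 AddressEncMask
+)
+{
+mAddressEncMask = AddressEncMask;
+mAddressEncMaskChecked = TRUE;
+}
 /**
 Get the memory encryption mask
 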
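Review bot: SetMemEncryptionAddressMask overwrites `mAddressEncMask` and marks it checked with no validation of the value and no header comment, unlike the `/** Get the memory encryption mask` block that follows it. Both variables are declared outside this hunk, but later page-table edits in this library presumably derive the shared/private bit from them, so a wrong value would silently mis-classify pages. The only caller in this PR passes zero or a single bit, so that contract can be enforced with `ASSERT ((AddressEncMask & (AddressEncMask - 1)) == 0);` and stated in a comment saying the setter is meant to be called once, before the first page-table change. A blank line between the closing brace and the following `/**` would also keep the file's spacing consistent.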
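--- a/TdvfPkg/Override/OvmfPkg/Include/Library/MemEncryptLib.h
+++ b/TdvfPkg/Override/OvmfPkg/Include/Library/MemEncryptLib.h
@@ -110,4 +110,10 @@ MemEncryptLocateInitialSmramSaveStateMapPages (
 OUT UINTN *BaseAddress,
 OUT UINTN *NumberOfPages
 );
+
+VOID
+EFIAPI
+SetMemEncryptionAddressMask (
+IN UINT64 AddressEncMask
+);
 #endif // _MEM_ENCRYPT_LIB_H_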
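Review bot: The new prototype has no doc comment, and it extends the shared MemEncryptLib class header while this PR only shows BaseMemEncryptTdxLib providing a definition. Any other instance of this library class would, as far as can be told from here, fail to link once a consumer calls `SetMemEncryptionAddressMask`, so either every instance needs a definition or the TDX-specific setter belongs in a separate header. At minimum add a `/** ... **/` block stating what the mask is (zero or the single shared-bit position), that it must be set before any page-table encryption-mask change, and that the function returns nothing.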
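--- a/TdvfPkg/TdShim/Sec/DxeLoad.c
+++ b/TdvfPkg/TdShim/Sec/DxeLoad.c
@@ -21,6 +21,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 #include <Library/PrePiLib.h>
 #include "X64/PageTables.h"
 #include <Library/ReportStatusCodeLib.h>
+#include <Library/MemEncryptLib.h>
 
 #include "SecMain.h"
 
@@ -38,6 +39,46 @@ EFI_MEMORY_TYPE_INFORMATION mDefaultMemoryTypeInformation[] = {
 };
 
 
+VOID
+SetMmioShareBit (
+IN UINTN PageTables
+)
+{
+UINT64 AddressEncMask;
+EFI_HOB_CPU * CpuHob;
+VOID *HobStart;
+EFI_PEI_HOB_POINTERS Hob;
+EFI_STATUS Status;
+
+if (PcdGetBool(PcdTdxDisableSharedMask) == TRUE) {
+AddressEncMask = 0;
+} else {
+CpuHob = GetFirstHob (EFI_HOB_TYPE_CPU);
+ASSERT (CpuHob != NULL);
+AddressEncMask = 1ULL << (CpuHob->SizeOfMemorySpace - 1);
+}
+
+SetMemEncryptionAddressMask (AddressEncMask);
+
+HobStart = GetHobList();
+Hob.Raw = (UINT8 *) HobStart;
+while (!END_OF_HOB_LIST (Hob)) {
+if ((Hob.Header->HobType == EFI_HOB_TYPE_RESOURCE_DESCRIPTOR)
+&& (Hob.ResourceDescriptor->ResourceType == EFI_RESOURCE_MEMORY_MAPPED_IO )) {
+Status = MemEncryptClearPageEncMask (
+PageTables,
+Hob.ResourceDescriptor->PhysicalStart,
+Hob.ResourceDescriptor->ResourceLength / EFI_PAGE_SIZE,
+FALSE
+);
+ASSERT_EFI_ERROR (Status);
+if (EFI_ERROR (Status)) {
+CpuDeadLoop ();
+}
+}
+Hob.Raw = GET_NEXT_HOB (Hob);
+}
+}
 /**
 Transfers control to DxeCore.
 
@@ -95,6 +136,7 @@ HandOffToDxeCore (
 }
 
 if (FeaturePcdGet (PcdDxeIplBuildPageTables)) {
+SetMmioShareBit (PageTables);
 AsmWriteCr3 (PageTables);
 }
 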
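Review bot: The loop in SetMmioShareBit converts every EFI_RESOURCE_MEMORY_MAPPED_IO descriptor to shared without checking the range, and per the PR title these ranges are reported by the VMM, which a TD guest cannot treat as trusted input. A descriptor that is not page-aligned is silently truncated by `ResourceLength / EFI_PAGE_SIZE`, and one that overlaps guest private memory would presumably have those pages exposed to the host, so the range should be validated (alignment, no wrap-around, below the shared bit, no overlap with system-memory descriptors) before `MemEncryptClearPageEncMask` is called; a sketch of the first three checks follows. Separately, `ASSERT (CpuHob != NULL)` disappears in release builds and `1ULL << (CpuHob->SizeOfMemorySpace - 1)` is undefined for a width of 0 or more than 64, so both deserve a runtime check ending in `CpuDeadLoop ()`, like the status check further down. The function also has no header comment, unlike the `/** Transfers control to DxeCore.` block that follows it.

```c
      // … unchanged: HobType / ResourceType test …
      //
      // MMIO descriptors come from the VMM: validate the range before any
      // page is converted to shared.
      //
      if ((((Hob.ResourceDescriptor->PhysicalStart |
             Hob.ResourceDescriptor->ResourceLength) & EFI_PAGE_MASK) != 0) ||
          (Hob.ResourceDescriptor->ResourceLength >
             MAX_UINT64 - Hob.ResourceDescriptor->PhysicalStart) ||
          ((AddressEncMask != 0) &&
           (Hob.ResourceDescriptor->PhysicalStart +
              Hob.ResourceDescriptor->ResourceLength > AddressEncMask))) {
        CpuDeadLoop ();
      }
      // TODO(review): also reject overlap with EFI_RESOURCE_SYSTEM_MEMORY descriptors.
      // … unchanged: MemEncryptClearPageEncMask call and status check …
```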
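--- a/TdvfPkg/TdShim/Sec/SecMain.inf
+++ b/TdvfPkg/TdShim/Sec/SecMain.inf
@@ -56,6 +56,7 @@
 CpuExceptionHandlerLib
 SynchronizationLib
 TdxLib
+MemEncryptLib
 
 [Guids]
 gEfiHobMemoryAllocModuleGuid
@@ -87,6 +88,7 @@
 gUefiTdvfPkgTokenSpaceGuid.PcdBfvSize
 gUefiTdvfPkgTokenSpaceGuid.PcdUseTdxEmulation
 gUefiTdvfPkgTokenSpaceGuid.PcdTdxAcceptPageChunkSize
+gUefiTdvfPkgTokenSpaceGuid.PcdTdxDisableSharedMask
 gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack ## CONSUMES
 
 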