OvmfPkg/BaseMemEncryptSevLib: Re-organize page state change support
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4654 In preparation for running under an SVSM at VMPL1 or higher (higher numerically, lower privilege), re-organize the way a page state change is performed in order to free up the GHCB for use by the SVSM support. Currently, the page state change logic directly uses the GHCB shared buffer to build the page state change structures. However, this will be in conflict with the use of the GHCB should an SVSM call be required. Instead, use a separate buffer (an area in the workarea during SEC and an allocated page during PEI/DXE) to hold the page state change request and only update the GHCB shared buffer as needed. Since the information is copied to, and operated on, in the GHCB shared buffer this has the added benefit of not requiring to save the start and end entries for use when validating the memory during the page state change sequence. Cc: Ard Biesheuvel <ardb+tianocore@kernel.org> Cc: Erdem Aktas <erdemaktas@google.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Laszlo Ersek <lersek@redhat.com> Cc: Michael Roth <michael.roth@amd.com> Cc: Min Xu <min.m.xu@intel.com> Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com>
This commit is contained in:
Tom Lendacky
committed by
mergify[bot]
mergify[bot]
parent
f40c1f2a30
commit
2b330b57db
@@ -3,7 +3,7 @@
|
||||
Virtual Memory Management Services to set or clear the memory encryption bit
|
||||
|
||||
Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.<BR>
|
||||
Copyright (c) 2017 - 2020, AMD Incorporated. All rights reserved.<BR>
|
||||
Copyright (c) 2017 - 2024, AMD Incorporated. All rights reserved.<BR>
|
||||
|
||||
SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||
|
||||
@@ -23,6 +23,8 @@ STATIC BOOLEAN mAddressEncMaskChecked = FALSE;
|
||||
STATIC UINT64 mAddressEncMask;
|
||||
STATIC PAGE_TABLE_POOL *mPageTablePool = NULL;
|
||||
|
||||
STATIC VOID *mPscBuffer = NULL;
|
||||
|
||||
typedef enum {
|
||||
SetCBit,
|
||||
ClearCBit
|
||||
@@ -786,7 +788,19 @@ SetMemoryEncDec (
|
||||
// The InternalSetPageState() is used for setting the page state in the RMP table.
|
||||
//
|
||||
if (!Mmio && (Mode == ClearCBit) && MemEncryptSevSnpIsEnabled ()) {
|
||||
InternalSetPageState (PhysicalAddress, EFI_SIZE_TO_PAGES (Length), SevSnpPageShared, FALSE);
|
||||
if (mPscBuffer == NULL) {
|
||||
mPscBuffer = AllocateReservedPages (1);
|
||||
ASSERT (mPscBuffer != NULL);
|
||||
}
|
||||
|
||||
InternalSetPageState (
|
||||
PhysicalAddress,
|
||||
EFI_SIZE_TO_PAGES (Length),
|
||||
SevSnpPageShared,
|
||||
FALSE,
|
||||
mPscBuffer,
|
||||
EFI_PAGE_SIZE
|
||||
);
|
||||
}
|
||||
|
||||
//
|
||||
@@ -975,11 +989,18 @@ SetMemoryEncDec (
|
||||
// The InternalSetPageState() is used for setting the page state in the RMP table.
|
||||
//
|
||||
if ((Mode == SetCBit) && MemEncryptSevSnpIsEnabled ()) {
|
||||
if (mPscBuffer == NULL) {
|
||||
mPscBuffer = AllocateReservedPages (1);
|
||||
ASSERT (mPscBuffer != NULL);
|
||||
}
|
||||
|
||||
InternalSetPageState (
|
||||
OrigPhysicalAddress,
|
||||
EFI_SIZE_TO_PAGES (OrigLength),
|
||||
SevSnpPagePrivate,
|
||||
FALSE
|
||||
FALSE,
|
||||
mPscBuffer,
|
||||
EFI_PAGE_SIZE
|
||||
);
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user